350-401 · Question #1041
Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?
The correct answer is D. flexible. Cisco Threat Defense utilizes flexible NetFlow to obtain detailed visibility into network traffic flows.
Question
Which version of NetFlow does Cisco Threat Defense utilize to obtain visibility into the network?
Options
- ANBAR2
- BIPFIX
- C8
- Dflexible
How the community answered
(36 responses)- B6% (2)
- C3% (1)
- D92% (33)
Why each option
Cisco Threat Defense utilizes flexible NetFlow to obtain detailed visibility into network traffic flows.
NBAR2 (Network-Based Application Recognition 2) is a deep packet inspection technology for application recognition, not a NetFlow version for exporting flow data.
IPFIX (IP Flow Information Export) is an industry standard for flow data export, but Cisco's specific implementation and terminology often refer to this capability as 'flexible NetFlow'.
NetFlow v8 is an older version primarily used for aggregation, which has largely been superseded by flexible NetFlow (IPFIX).
Cisco Threat Defense, including Firepower appliances, leverages flexible NetFlow to collect detailed IP traffic information. Flexible NetFlow allows customization of collected fields and is the evolution of traditional NetFlow, aligning with the IPFIX standard for interoperability.
Concept tested: Cisco Threat Defense NetFlow version
Source: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/firepower_threat_defense_system_features.html
Topics
Community Discussion
No community discussion yet for this question.