nerdexam
Cisco

350-701 · Question #112

Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

The correct answer is D. A flow-export event type must be defined under a policy.. For Cisco ASA NetFlow v9 Secure Event Logging (NSEL), a flow-export event type command must be explicitly defined under a policy map to specify which security events are exported.

Submitted by deeparc· Mar 30, 2026Network Security

Question

Which statement about the configuration of Cisco ASA NetFlow v9 Secure Event Logging is true?

Options

  • ATo view bandwidth usage for NetFlow records, the QoS feature must be enabled.
  • BA sysopt command can be used to enable NSEL on a specific interface.
  • CNSEL can be used without a collector configured.
  • DA flow-export event type must be defined under a policy.

How the community answered

(57 responses)
  • A
    12% (7)
  • B
    4% (2)
  • C
    5% (3)
  • D
    79% (45)

Why each option

For Cisco ASA NetFlow v9 Secure Event Logging (NSEL), a `flow-export event type` command must be explicitly defined under a policy map to specify which security events are exported.

ATo view bandwidth usage for NetFlow records, the QoS feature must be enabled.

While NetFlow can provide data for bandwidth usage, enabling the QoS (Quality of Service) feature is not a prerequisite for configuring or viewing NetFlow records or NSEL on the ASA.

BA sysopt command can be used to enable NSEL on a specific interface.

NSEL is enabled and configured using `flow-export` commands within a `policy-map` applied to an interface, not through a `sysopt` command, which typically controls global system options.

CNSEL can be used without a collector configured.

NSEL is designed to export event records to an external NetFlow collector for analysis and storage; it cannot be effectively used without a collector configured to receive these records.

DA flow-export event type must be defined under a policy.Correct

In Cisco ASA NSEL, the `flow-export event type` command must be configured within a policy map applied to an interface to instruct the ASA to generate and export NetFlow records for specific security events like flow creation, denial, or teardown.

Concept tested: Cisco ASA NSEL configuration

Source: https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/monitor_netflow.html#pgfId-1077678

Topics

#Cisco ASA#NetFlow v9#NSEL#Flow Export Configuration

Community Discussion

No community discussion yet for this question.

Full 350-701 Practice