352-001 Question #67: Real Exam Question with Answer & Explanation

The correct answer is B: at the central site, because all traffic from the remotes will be seen there.. In a hub-and-spoke WAN topology, all inter-branch traffic must traverse the central site, making it the optimal single deployment point for flow monitoring to capture complete branch-to-branch visibility.

Question

Your enterprise customer has asked where they should deploy flow monitoring in their network to monitor traffic between branch offices. What is your design recommendation?

Options

Aat the edge of the network so that user traffic will be seen
Bat the central site, because all traffic from the remotes will be seen there.
Cin the core, because all traffic will be seen there
Din the data center, because all user traffic will be seen there

Explanation

In a hub-and-spoke WAN topology, all inter-branch traffic must traverse the central site, making it the optimal single deployment point for flow monitoring to capture complete branch-to-branch visibility.

Common mistakes.

A. Monitoring only at the network edge captures traffic at one boundary point and misses the full picture of flows between all other branch offices.
C. A separate core layer may not exist in a hub-and-spoke WAN design, and inter-branch traffic does not necessarily traverse a distinct core segment.
D. The data center carries server-to-client traffic but not necessarily peer branch-to-branch user flows, so monitoring there would miss inter-branch traffic.

Concept tested. NetFlow monitoring placement in hub-and-spoke WAN topology

Reference. https://www.cisco.com/c/en/us/products/ios-nx-os-software/ios-netflow/index.html

Community Discussion

No community discussion yet for this question.

Full 352-001 Practice