New CCNA – NetFlow Questions
Question 1
What are the benefit of using Netflow? (Choose three)
A. Network, Application & User Monitoring
B. Network Planning
C. Security Analysis
D. Accounting/Billing
Answer: A C D
Explanation
NetFlow traditionally enables several key customer applications including:
+ Network Monitoring – NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.
+ Application Monitoring and Profiling – NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.
+ User Monitoring and Profiling – NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and application resources as well as to detect and resolve potential security and policy violations.
+ Network Planning – NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.
+ Security Analysis – NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.
+ Accounting/Billing – NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.
Question 2
What are the three things that the NetFlow uses to consider the traffic to be in a same flow?
A. IP address
B. Interface name
C. Port numbers
D. L3 protocol type
E. MAC address
Answer: A C D
Explanation
What is an IP Flow?
Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. These attributes are the IP packet identity or fingerprint of the packet and determine if the packet is unique or similar to other packets.
Traditionally, an IP Flow is based on a set of 5 and up to 7 IP packet attributes.
IP Packet attributes used by NetFlow:
+ IP source address
+ IP destination address
+ Source port
+ Destination port
+ Layer 3 protocol type
+ Class of Service
+ Router or switch interface
(Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html)
Question 3
What NetFlow component can be applied to an interface to track IPv4 traffic?
A. flow monitor
B. flow record
C. flow sampler
D. flow exporter
Answer: A
Explanation
Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record and a cache. You add the record to the flow monitor after you create the flow monitor. The flow monitor cache is automatically created at the time the flow monitor is applied to the first interface. Flow data is collected from the network traffic during the monitoring process based on the key and nonkey fields in the record, which is configured for the flow monitor and stored in the flow monitor cache.
For example, the following example creates a flow monitor named FLOW-MONITOR-1 and enters Flexible NetFlow flow monitor configuration mode:
Router(config)# flow monitor FLOW-MONITOR-1
Router(config-flow-monitor)#
(Reference: http://www.cisco.com/c/en/us/td/docs/ios/fnetflow/command/reference/fnf_book/fnf_01.html#wp1314030)
Question 4
What command visualizes the general NetFlow data on the command line?
A. show ip flow export
B. show ip flow top-talkers
C. show ip cache flow
D. show mls sampling
E. show mls netflow ip
Answer: C
Explanation
The “show ip cache flow” command displays a summary of the NetFlow accounting statistics.
Question 5
What are three reasons to collect NetFlow data on a company network? (Choose three)
A. To identify applications causing congestion.
B. To authorize user network access.
C. To report and alert link up / down instances.
D. To diagnose slow network performance, bandwidth hogs, and bandwidth utilization.
E. To detect suboptimal routing in the network.
F. To confirm the appropriate amount of bandwidth that has been allocated to each Class of Service.
Answer: A D F
Explanation
NetFlow facilitates solutions to many common problems encountered by IT professionals.
+ Analyze new applications and their network impact
Identify new application network loads such as VoIP or remote site additions.
+ Reduction in peak WAN traffic
Use NetFlow statistics to measure WAN traffic improvement from application-policy changes; understand who is utilizing the network and the network top talkers.
+ Troubleshooting and understanding network pain points
Diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly with command line interface or reporting tools. -> D is correct.
+ Detection of unauthorized WAN traffic
Avoid costly upgrades by identifying the applications causing congestion. -> A is correct.
+ Security and anomaly detection
NetFlow can be used for anomaly detection and worm diagnosis along with applications such as Cisco CS-Mars.
+ Validation of QoS parameters
Confirm that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no CoS is over- or under-subscribed.-> F is correct.
(Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html)
Question 6
What are three factors a network administrator must consider before implementing Netflow in the network? (Choose three)
A. CPU utilization
B. where Netflow data will be sent
C. number of devices exporting Netflow data
D. port availability
E. SNMP version
F. WAN encapsulation
Answer: A B C
Question 7
What Cisco IOS feature can be enabled to pinpoint an application that is causing slow network performance?
A. SNMP
B. Netflow
C. WCCP
D. IP SLA
Answer: B
in Q1
how network planning is not chose in the answers and is written from the benefits of NETFlow in the explanation
re: q1
I believe that network planning is where its the least used option
Is it very much necessary to go deep into the topics netflow ,syslogs,snmp …?
That’s a typical cisco question for you, only in cisco can you be wrong and right at the same time
get VCE Player new version just for 1$ email me if you want copy abidlatki9@gmail.com
you can find vce player on forums just for free..
I passed my exam yesterday with good marks. I studies from the pass4sure dumps which are a 100% valid. I am willing to share them. If anyone is interested email me at gattumania@outlook.com
Hi to all! Kindly email me the latest dumps for CCNA 200-120, I plan to take CCNA exam by end of May. Email me at jamjamalaca@yahoo.com
Thanks!
can any one send me the lastest dumps and VCE software at haroon.talha@gmail.com..thankul to you
gattumania@outlook.com is a fake and he is only posting to get you to buy a dump!! Please ignore!!
@9tut
i want more knowledge of snmp netflow or syslog pls update the theory
Q3 and Q4 was in today exam
***** Passed My Exam*******
Hey guys i just passed my exam.thanks to 9tut and pass4sure dumps
I have the latest dumps.mail me to get them at gattumania@outlook.com
@9tut – you are a real super hero..a real super man.
I think i should call you AMAZING 9TUT-MAN
Thank you so much for all your assist.
I got 986/1000.
All questions were from 9tut.
There were few new questions..some one has already discussed here earlier.
sim were ACL,ACL2(with 3rd modification and host was “B” instead of “C”.wrong IP address was configured on interface which was connected to ISP.I tried to remove that, but command “no ip address 192.168.18.2 255.255.255.0 was not working.strange !! just “NO IP ADDRESS ” resolved that problem ) & EIGRP with AS 12 and passive interface on ISP interface,main router was advertising one extra network which was not in topology.Remove that one.
New questions were :
authentication type of SNMPV2
Benefit of multi-area in ospf
Ether-channel – out put was given & que was “which configuration is required to get this out put.? you will found mode- “passive” and channel-group no. with this you can select correct option.
DUMPS are very helpfull,please practice all dumps.ALL QUESTIONS ARE FROM THESE DUMPS
I FOLLOWED-
Cisco.Passguide.200-120.v2013-12-30.by.Matthew.319q.vce
Cisco.Actualtests.200-120.CCNA.v2013-10-01.by.examtut.278q.vce
Cisco.Actualtests.200-120.v2013-12-10.by.Watson.314q.vce
these all are available on examcollection.com
9tut gives a big help.practice here daily.
All the best friends !!
que.no.3,4,7 was in exam today
can any one send me the lastest dumps at tweneboahotis@gmail.com
Just took ccna, most of the questions were from these! Very helpful !!
Hi to all! Kindly email me the latest dumps for CCNA 200-120, I plan to take CCNA exam next week. Email me at junior_ym@live.com
Thanks!
q 6 & 7 in exam today
Hello,
Please email me the latest dumps for the CCNA 200-120. I HAVE TO take the exam by the end of next week. Please email me at mahbub9803@yahoo.com
I will really appreciate your help. Thank you.
I have latest CCNA 200-120 dumps. Email me at gattumania@outlook.com
Hi,
Please email me the latest dumps for the CCNA 200-120. I HAVE TO take the exam by the end of next week. Please email me at kherbek@gmail.com
I will really appreciate your help. Thank you.
Are the dumps available for free?
Passed today with 958.
All questions from Watson 314, examtut 278, and N.S. 32 and Sims here on 9tut.
Sims were ACL 1 ACL 2 and EIGRP (change AS number).
Thanks 9tut.
Q1, Q3 and Q5 were in the exam today, guys.
I am taking my exam next week. Please send me the CCNA 200-120 dumps to ramya.muniraju@gmail.com
I’ve just taken the exam and encountered a new question. It asked which three are required to analyze netflow or something and the answer was all related to IP things, source IP address, destination IP address and IP next hop.
Hope this is helpful just like I got numerous help from here.
The answer for the new netflow question:
The three values that must be the same within a sequence of packets for NetFlow to consider
them a network flow are the source IP address, the ingress interface, and the destination IP
address.
Latest dumps please, will be taking the exam in a few weeks,, my email add is sjmc10@gmail.com
Hi to all! Kindly email me the latest dumps for CCNA 200-120, I plan to take CCNA exam by 04 july . Email me at carnotf@ymail.com
What are three values that must be the same within a sequence of packets for Netflow to consider them a network flow? (Choose three.)
A. source IP address
B. source MAC address
C. egress interface
D. ingress interface
E. destination IP address
F. IP next-hop
Some answers say it’s A, E, F but some say it’s A, E, D. Which is which?
Please help. Thanks.
can any one tell me the anwer of below three questions ?
1)authentication type of SNMPV2
2) Benefit of multi-area in ospf
3) Ether-channel – out put was given & que was “which configuration is required to get this out put.? you will found mode- “passive” and channel-group no. with this you can select correct option.
vb03121989@gmail.com
@Anonymous:
1) Message Digest 5 (MD5) or Secure Hash Algorithm (SHA)
2) – the smaller per-area LSDB requires less memory
– routers require fewer CPU cycles to process the smaller per-area LSDB with the SPF
algorithm, reducing CPU overhead and improving convergence time
– changes in the network (i.e. links failing and recovering) requires SPF calculations only on
routers connected to the area where the link changed state, reducing the number of
routers that must rerun SPF
– less information must be advertised between areas, reducing the bandwidth required to
send LSAs
3)
Router#show etherchannel 1 port-channel
Port-channels in the group:
———————-
Port-channel: Po1
————
Age of the Port-channel = 01h:56m:20s
Logical slot/port = 10/1 Number of ports in agport = 2
GC = 0×00010001 HotStandBy port = null
Passive port list = Fa3/1 Fa3/2
Port state = Port-channel L3-Ag Ag-Inuse
Ports in the Port-channel:
Index Load Port
——————-
0 55 Fa3/1
1 AA Fa3/2
Time since last port bundled: 01h:55m:44s Fa3/2
Router#
Cisco documentation has an error!
Above #Router should be #Switch
you can see here:
http://www.cisco.com/c/en/us/support/docs/lan-switching/etherchannel/21066-135.html#show
Snmpv2 authentication type community strings.Snmpv2 is different from snmpv2c which has the authentication type of md5 and sha.
@sunny
snmp v3 has the authentication type of MD5 and SHA
kevin its A, E, D
Q3 & 6 was in the today exam
Q7
hi Confused! where did you take your exam? im from philippines. thanks.
Q7 was in today exam
Any ccna dumps please mail anirudh12b9@gmail.com
please send me anyone latest CCNA dumps mohdyasir.ahmad396@gmail.com
This site was helpful in getting me over the top. But just memorizing questions will not really help you pass the exam and also get a job doing networking. I also built a CCNA lab using the suggestions here http://www.certificationkits.com/ccnp-lab-suggestions/ with 3 routers and 3 switches and I did all of the labs in the CCNA lab workbook. It really helped me understand the concepts so I could answer the questions on the exam properly. It also helped me during my interview as I was able to tell the hiring manager the different routers and switches that I had experience on from my lab. I started my new job last Monday I am loving it :)
Are dumps really useful? Saw a lot of chatter about “Watson dumps”, is this the best? Plan to take the CCNA in August can anybody help me with this information.
wesseljake@gmail.com
Thanks,
Jake
please send me anyone latest CCNA dumps gimiricho@yahoo.com
Q4 Q5 in my exam yesterday
Q7 was in the exam recently
thank you
Questions 6, 7 were on the test this morning. passed