New CCNA – NetFlow Questions
Question 1
What are the benefit of using Netflow? (Choose three)
A. Network, Application & User Monitoring
B. Network Planning
C. Security Analysis
D. Accounting/Billing
Answer: A C D
Explanation
NetFlow traditionally enables several key customer applications including:
+ Network Monitoring – NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.
+ Application Monitoring and Profiling – NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.
+ User Monitoring and Profiling – NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and application resources as well as to detect and resolve potential security and policy violations.
+ Network Planning – NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.
+ Security Analysis – NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.
+ Accounting/Billing – NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.
Question 2
What are the three things that the NetFlow uses to consider the traffic to be in a same flow?
A. IP address
B. Interface name
C. Port numbers
D. L3 protocol type
E. MAC address
Answer: A C D
Explanation
What is an IP Flow?
Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. These attributes are the IP packet identity or fingerprint of the packet and determine if the packet is unique or similar to other packets.
Traditionally, an IP Flow is based on a set of 5 and up to 7 IP packet attributes.
IP Packet attributes used by NetFlow:
+ IP source address
+ IP destination address
+ Source port
+ Destination port
+ Layer 3 protocol type
+ Class of Service
+ Router or switch interface
(Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html)
Question 3
What NetFlow component can be applied to an interface to track IPv4 traffic?
A. flow monitor
B. flow record
C. flow sampler
D. flow exporter
Answer: A
Explanation
Flow monitors are the Flexible NetFlow component that is applied to interfaces to perform network traffic monitoring. Flow monitors consist of a record and a cache. You add the record to the flow monitor after you create the flow monitor. The flow monitor cache is automatically created at the time the flow monitor is applied to the first interface. Flow data is collected from the network traffic during the monitoring process based on the key and nonkey fields in the record, which is configured for the flow monitor and stored in the flow monitor cache.
For example, the following example creates a flow monitor named FLOW-MONITOR-1 and enters Flexible NetFlow flow monitor configuration mode:
Router(config)# flow monitor FLOW-MONITOR-1
Router(config-flow-monitor)#
(Reference: http://www.cisco.com/c/en/us/td/docs/ios/fnetflow/command/reference/fnf_book/fnf_01.html#wp1314030)
Question 4
What command visualizes the general NetFlow data on the command line?
A. show ip flow export
B. show ip flow top-talkers
C. show ip cache flow
D. show mls sampling
E. show mls netflow ip
Answer: C
Explanation
The “show ip cache flow” command displays a summary of the NetFlow accounting statistics.
Question 5
What are three reasons to collect NetFlow data on a company network? (Choose three)
A. To identify applications causing congestion.
B. To authorize user network access.
C. To report and alert link up / down instances.
D. To diagnose slow network performance, bandwidth hogs, and bandwidth utilization.
E. To detect suboptimal routing in the network.
F. To confirm the appropriate amount of bandwidth that has been allocated to each Class of Service.
Answer: A D F
Explanation
NetFlow facilitates solutions to many common problems encountered by IT professionals.
+ Analyze new applications and their network impact
Identify new application network loads such as VoIP or remote site additions.
+ Reduction in peak WAN traffic
Use NetFlow statistics to measure WAN traffic improvement from application-policy changes; understand who is utilizing the network and the network top talkers.
+ Troubleshooting and understanding network pain points
Diagnose slow network performance, bandwidth hogs and bandwidth utilization quickly with command line interface or reporting tools. -> D is correct.
+ Detection of unauthorized WAN traffic
Avoid costly upgrades by identifying the applications causing congestion. -> A is correct.
+ Security and anomaly detection
NetFlow can be used for anomaly detection and worm diagnosis along with applications such as Cisco CS-Mars.
+ Validation of QoS parameters
Confirm that appropriate bandwidth has been allocated to each Class of Service (CoS) and that no CoS is over- or under-subscribed.-> F is correct.
(Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html)
Question 6
What are three factors a network administrator must consider before implementing Netflow in the network? (Choose three)
A. CPU utilization
B. where Netflow data will be sent
C. number of devices exporting Netflow data
D. port availability
E. SNMP version
F. WAN encapsulation
Answer: A B C
Question 7
What Cisco IOS feature can be enabled to pinpoint an application that is causing slow network performance?
A. SNMP
B. Netflow
C. WCCP
D. IP SLA
Answer: B
Here is also another text describing the use of NetFlow from the same chapter:
There are many potential uses of the statistics that NetFlow provides; however, most organizations use NetFlow for some or all of the following important data collection purposes:
Measuring who is using what network resources for what purpose.
Accounting and charging back according to the resource utilization level.
Using the measured information to do more effective network planning so that resource allocation and deployment is well-aligned with customer requirements.
Using the information to better structure and customize the set of available applications and services to meet user needs and customer service requirements
please comment more….
Hi great blog,
Thanks for all the posting help a lot.
please anyone can help and send the latest dumps for ccna 200-120 to my email :
Crypterdk@gmail.com
thanking you in advance
:-)
can anyone send me the latest dumps. my email darryadedi@gmail.com
can anyone send me the latest dumps. my email roumila62@live.fr, thank’s
can anyone send me the latest dumps,my email kennymombo@gmail.com
can anyone send me the latest dumps,my email iliagiurov@abv.bg
Hi everyone. pass my exam today 986. Sims ACL, ACL2 different IP – mode 3 – looking for Host B to get access to Web Server. EIGRP AS22.
I think all question are in 9tut, 90% any way. I only study watson dumps and 9tut.
Good luck to everyone!!
Thanks 9tut.
I need site for CCNP DUMPS LIKE THIS SITE ,PLEASE HELP ME
Neely , go to DigitalTUT.com for CCNP Route
i want exam plz send me vce (mdzilani1989@gmail.com)
Q3 was in exam today
can u please send me the watson 2013-12-10 dump ( 333 voted dump ) + the vce version which will make it work whatever it is … kindly send it to my email (mohamed.essammohamed203@gmail.com) thanks in advance
Quelqu’un peut m’envoyer la dernière version de VCE mon email est: krammerkkjm@yahoo.fr
can us please send me the last version of vce to my email: krammerkkjm@yahoo.fr
I want exam please send me vce (jmkra@foqux.com
Dear all
Please anyone send a recently dump because the next week I Have the exam CCNA , my mail is alessandro1982to@gmail.com
Thanks
Anyone with the last version of VCE, I’ll apreciate it!!! adiolalo@gmail.com
hey can anyone tell me d correct answer for question 1
watson dump says d answer is A,C,D
Hi Warior..could u pls send over the watson dumps..Thanks in advance!!
mail-id : praveenbms0302@gmail.com
hey brothers can any one send me watson dumps i have exam in next 4 days azarmohammed89@gmail.com
Hi, great site. Can someone please send me watson dumps? christopher.airey1988@googlemail.com
question 3 on exam today
Q1, Q2, and Q3 is on my exam today, I got 973 score!
Anyone have the latest dump of the CCNA, email is crazy4hlm@yahoo.com. thx
q4,q7 on exam today
Turki alshhrani November 10th, 2014
Hi everyone ,please email my the latest dumps for CCNA2014 in my email address
Thabks and Good look
Turki1930@hotmail.com
i am a chinese.where can i find out the Netflow tutorial.thank you …
in question 1, all four answers are correct. They are in the explanation. How do you choose A, C, D and not ABD or ABC etc ?
thanks for your input
q5 and modified q2 in today exam
Can someone please send me the last CCNA dumps ?
i’ve scheduled the exam 12 Nov , please help me send me soleanord73@gmail.com
Hi everyone ,please email my the latest dumps for CCNA2014 in my email address
Thabks and Good look
soleanord73@gmail.com
Q 2, 3, 4 and 7 were there in exam on 10th Dec’14
Q 2, 3, 4 and 7 were there in exam on 10th Nov’14
Que 2&3 in today’s exam
Hi everyone ,can you please email me the latest dumps for CCNA in my email address
Thanks and God Bless
hamizo@gmail.com
thanx a lot
in que 1 y the options 2 and 3 are wrong????????
pls rpl………….
Hey Guys !!
can anyone please send Watson Dumps Mail iD- sahilcoolit@gmail.com
Thanks
In question 1: why is option 2 wrong. It is clearly stated in the benefits in the explanation.
hi all. can someone send me both the Watson and 9tut ccna 200-120 please? jernessg@yahoo.com. thanks.
Hello every one,
Going to take ccna 200-120 exam in 15 days.
It would be highly appreciated if some one send me latest dumps and exam practice question.
Thanks in advance.
my email id : Preet2fun@yahoo.com
Dear All
Regarding all CISCO exams CCNA CCNA Security CCNP (Route Switch Tshoot) updated valid dumps & Exam discount vouchers available globally.
1. CCNA 200-120 60 % discounted vouchers
2. CCNP (Route Switch TShoot) 25 % discounted Vouchers
3. CCNA Security 640-554 60 % discounted Vouchers
Ask any kind of technical and exam related questions from our CCIE experts.
Feel Free to Contact
Email Contact:dheprofessionals@gmail.com
Skype Id:net.rideplay
Thanks
Best Regard
Admins
can anyone send me the latest dumps joshiyash82@gmail.com
Q3, Q6 were on my exam on 21th Nov
Q 4,6,7 today.
Today I Passed The CCNA exam with 993. most of questions from 9tut. I have my vce file with the vce player. asanka11@gmail.com
but nothing more 9tut is more than enough. do not wast your time with any site. follow 9tut.
Thank you very much 9tut.
Q3,Q4 were on my exam 27th Nov, Thank 9tut
Q3,4 in today
Guys , why B is not the answer in Q1 because it is there in the explanation ? Help me out .
I think that in q1 b is not correct because b is an implicit goal of netflow and a,c,d are explicit goal of net flow.
our original goal of using netflow are a,c,d
best regard