CCNA Netflow questions

Started by certforumz, January 14, 2016, 07:09:31 AM

Previous topic - Next topic

certforumz

#1
Q1.  What are the benefit of using Netflow? (Choose three most appropriate answers)
A. Network Planning
B. Accounting/Billing
C. Network, Application & User Monitoring
D. Security Analysis

ans.  B, C, D

Explanation:
NetFlow traditionally enables several key customer applications including:

+ Network Monitoring – NetFlow data enables extensive near real time network monitoring capabilities. Flow-based analysis techniques may be utilized to visualize traffic patterns associated with individual routers and switches as well as on a network-wide basis (providing aggregate traffic or application based views) to provide proactive problem detection, efficient troubleshooting, and rapid problem resolution.

+ Application Monitoring and Profiling – NetFlow data enables network managers to gain a detailed, time-based, view of application usage over the network. This information is used to plan, understand new services, and allocate network and application resources (e.g. Web server sizing and VoIP deployment) to responsively meet customer demands.

+ User Monitoring and Profiling – NetFlow data enables network engineers to gain detailed understanding of customer/user utilization of network and application resources. This information may then be utilized to efficiently plan and allocate access, backbone and application resources as well as to detect and resolve potential security and policy violations.

+ Network Planning – NetFlow can be used to capture data over a long period of time producing the opportunity to track and anticipate network growth and plan upgrades to increase the number of routing devices, ports, or higher- bandwidth interfaces. NetFlow services data optimizes network planning including peering, backbone upgrade planning, and routing policy planning. NetFlow helps to minimize the total cost of network operations while maximizing network performance, capacity, and reliability. NetFlow detects unwanted WAN traffic, validates bandwidth and Quality of Service (QOS) and allows the analysis of new network applications. NetFlow will give you valuable information to reduce the cost of operating your network.

+ Security Analysis – NetFlow identifies and classifies DDOS attacks, viruses and worms in real-time. Changes in network behavior indicate anomalies that are clearly demonstrated in NetFlow data. The data is also a valuable forensic tool to understand and replay the history of security incidents.

+ Accounting/Billing – NetFlow data provides fine-grained metering (e.g. flow data includes details such as IP addresses, packet and byte counts, timestamps, type-of-service and application ports, etc.) for highly flexible and detailed resource utilization accounting. Service providers may utilize the information for billing based on time-of-day, bandwidth usage, application usage, quality of service, etc. Enterprise customers may utilize the information for departmental charge-back or cost allocation for resource utilization.

(Reference: http://www.cisco.com/en/US/products/sw/netmgtsw/ps1964/products_implementation_design_guide09186a00800d6a11.html#wp1030045)

Q2. Which protocol can cause overload on a CPU of a managed device?
A. Netflow
B. WCCP
C. IP SLA
D. SNMP

Ans: D

Q3. Which one of these is a valid HSRP Virtual Mac Address?

A. 0000.C007.0201
B. 0000.0C07.AC01
C. 0007.B400.1203
D. 0000.5E00.0110

Ans. B
Explanation:

Q4.  What are the three things that the Netflow uses to consider the traffic to be in a same flow? (choose 3)
A. IP address
B. MAC address
C. L3 protocol type
D. Port numbers
E. Interface name

Ans: A, C, D
Explanation:
Each packet that is forwarded within a router or switch is examined for a set of IP packet attributes. These attributes are the IP packet identity or fingerprint of the packet and determine if the packet is unique or similar to other packets.
Traditionally, an IP Flow is based on a set of 5 and up to 7 IP packet attributes.
IP Packet attributes used by NetFlow:
+ IP source address
+ IP destination address
+ Source port
+ Destination port
+ Layer 3 protocol type
+ Class of Service
+ Router or switch interface

(Reference: http://www.cisco.com/c/en/us/products/collateral/ios-nx-os-software/ios-netflow/prod_white_paper0900aecd80406232.html)


Q5. Which is true about OSPF router-id? (Choose two best answers )

A. router-id needs to be matched on ospf neighbors
B. Highest IP address of the loopback is used
C. router-id is 16 bit
D. It is used for type 1 router LSA

Ans. B, D
Explanation:


Q6. What is the default Syslog facility level?

A. local4
B. local6
C. local5
D. local7

Ans. D
Explanation:

Q7. What command instructs the device to timestamp Syslog debug messages in milliseconds?

A. service timestamps log datetime localtime
B. service timestamps debug datetime localtime
C. service timestamps log datetime msec
D. service timestamps debug datetime msec

Ans. D
Explanation:


Q8. What Cisco IOS feature can be enabled to pinpoint an application that is causing slow network performance?

A. SNMP
B. IP SLA
C. WCCP
D. Netflow

Ans. D
Explanation:

Q9. When a router undergoes the exchange protocol within OSPF, in what order does it pass through each state?
A. exstart state > exchange state > loading state > full state
B. exstart state > loading state > exchange state > full state
C. exstart state > full state > loading state > exchange state
D. loading state > exchange state > full state > exstart state

Ans. A
Explanation:

Q10. What command visualizes the general NetFlow data on the command line? 

A. show mls netflow ip
B. show ip flow export
C. show mls sampling
D. show ip flow top-talkers
E. show ip cache flow

Ans. E

Explanation:
The "show ip cache flow" command displays a summary of the NetFlow accounting statistics.
http://certforumz.com/index.php?action=dlattach;topic=1315.0;attach=3931