Examice

Exam 350-501 All QuestionsBrowse all questions from this exam

Go to Exam

Question 195

Which additional configuration is required for NetFlow to provide traceback information?

A classification ACL must be configured to identity which type of traffic will be analyzed.

The BGP routing process must be started for any ingress or egress data to be reported when using NetFlow Version 5.

Cisco Express Forwarding must be configured for traffic that is egressing from the router to be property reported.

LLDP must be configured or the device will be unable to locate a NetFlow analyzer.

Correct Answer: A

To enable NetFlow to provide traceback information, a classification ACL must be configured to identify which type of traffic will be analyzed. NetFlow itself can capture detailed information about traffic flow, but to focus on specific types of traffic for traceback purposes, classification ACLs are necessary. These ACLs help filter and categorize traffic, facilitating a more efficient and precise analysis. While Cisco Express Forwarding (CEF) is a prerequisite for enabling NetFlow on a router, it is not an additional configuration specifically needed for providing traceback information; it is a foundational requirement for NetFlow to function in the first place.

Discussion

elroy909Option: C

The answer should be C as cef is a prerequisite for netflow and never seen a classification acl within netflow. https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/netflow/configuration/xe-3s/nf-xe-3s-book/cfg-nflow-data-expt-xe.html

RogerForce

I believe it should be C aswell. Ensure that one of the following is enabled on your router, and on the interfaces that you want to configure NetFlow on: Cisco Express Forwarding (CEF), distributed CEF, or fast switching.

RogerForce

Well I am not sure it is C anymore. I believe it is a tricky question and I would go for A. CEF is a prerequisite for Netflow as stated by elroy999. However, the question says "Which ADDITIONAL configuration is required for Netflow..." which implicit means Netflow is already working properly (so prerequesites as CEF are already met). And the link provided by Penguin is specifically on traceback: Traffic Identification and Traceback At times, you can need to quickly identify and traceback network traffic, especially during incident response or poor network performance. NetFlow and Classification ACLs are the two primary methods to accomplish this with Cisco IOS software. NetFlow can provide visibility into all traffic on the network. Additionally, NetFlow can be implemented with collectors that can provide long-term trending and automated analysis. Classification ACLs are a component of ACLs and require pre-planning to identify specific traffic and manual intervention during analysis. These sections provide a brief overview of each feature. I believe A is the correct answer.

cname404

"you can need to quickly identify and traceback network traffic, especially during incident response or poor network performance. NetFlow and Classification ACLs are the two primary methods to accomplish this with Cisco IOS software. NetFlow can provide visibility into all traffic on the network.", so ACL and Netflow are 2 independent methods; and CEF is a prerequisite for Netflow..so I guess is C.

Worgen44

I agree, after reviewing https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html#anc119

penguin02007Option: A

A is correct. "Classification ACLs are a component of ACLs and require pre-planning to identify specific traffic and manual intervention during analysis." https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html#anc121

thejagOption: C

C - CEF is needed, not optional. ACL is optional. From the link below they show a basic configuration with traceback, no ACLs were configured: https://www.cisco.com/c/en/us/support/docs/ip/access-lists/13608-21.html#anc119

TonBudOption: C

CEF is prerequisite !!