Courseiva
Knowledge + Practice
CertificationsVendorsCareer RoadmapsLabs & ToolsStudy GuidesGlossaryPractice Questions
C
Courseiva

Free IT certification practice questions with explained answers for CCNA, CompTIA, AWS, Azure, Google Cloud, and more.

Certification Practice Questions

CCNA practice questionsSecurity+ SY0-701 practice questionsAWS SAA-C03 practice questionsAZ-104 practice questionsAZ-900 practice questionsCLF-C02 practice questionsA+ Core 1 practice questionsGoogle Cloud ACE practice questionsCySA+ CS0-003 practice questionsNetwork+ N10-009 practice questions
View all certifications →

Product

CertificationsCertification PathsExam TopicsPractice TestsExam Dumps vs Practice TestsStudy HubComparisons

Company

AboutContactEditorial PolicyQuestion Writing PolicyTrust Center

Legal

Privacy PolicyTerms of Service

Courseiva is a free IT certification practice platform offering original exam-style practice questions, detailed explanations, topic-based practice, mock exams, readiness tracking, and study analytics for Cisco, CompTIA, Microsoft, AWS, and other technology certifications.

© 2026 Courseiva. Courseiva is operated by JTNetSolutions Ltd. All rights reserved.

Courseiva is an independent certification practice platform and is not affiliated with, endorsed by, or sponsored by Cisco, Microsoft, AWS, CompTIA, Google, ISC2, ISACA, or any other certification vendor. Vendor names and certification marks are used only to identify the exams learners are preparing for.

← NetFlow and Flexible NetFlow practice sets

300-410 NetFlow and Flexible NetFlow • Complete Question Bank

300-410 NetFlow and Flexible NetFlow — All Questions With Answers

Complete 300-410 NetFlow and Flexible NetFlow question bank — all 0 questions with answers and detailed explanations.

76
Questions
Free
No signup
Certifications/300-410/Practice Test/NetFlow and Flexible NetFlow/All Questions
Question 1mediummultiple choice
Read the full network assurance explanation →

A network engineer is troubleshooting a sudden drop in NetFlow data on a Cisco router running IOS-XE 17.x. The engineer verifies that 'ip flow-export destination 10.1.1.100 2055' is configured, and the collector is reachable. However, 'show ip flow export' shows zero packets exported. What is the most likely cause?

Question 2mediummultiple choice
Read the full network assurance explanation →

An engineer configures Flexible NetFlow on a Cisco router to monitor traffic on GigabitEthernet0/1. The flow record is defined with 'match ipv4 source address' and 'collect counter bytes'. The flow exporter sends data to 192.168.1.10:2055. After applying the monitor to the interface, 'show flow monitor name MONITOR cache' shows zero entries. What is the most likely root cause?

Question 3hardmultiple choice
Read the full network assurance explanation →

A network engineer configures Flexible NetFlow to export traffic statistics for a VRF named CUSTOMER_A. The configuration includes 'flow exporter EXPORTER' with destination 10.10.10.10:2055 and 'vrf CUSTOMER_A' under the exporter. The flow monitor is applied to the VRF interface. However, 'show flow monitor name MONITOR cache' shows no entries for VRF traffic. What is the most likely cause?

Question 4hardmultiple choice
Read the full network assurance explanation →

An engineer notices that NetFlow export packets are being sent from a router but the collector reports missing data for certain flows. The engineer checks 'show ip flow export' and sees 'Exporting flows to 10.1.1.100 (2055)' with packets being sent. However, 'show flow monitor name MONITOR cache' shows many flows with zero byte counts. What is the most likely cause?

Question 5mediummultiple choice
Read the full network assurance explanation →

A network engineer configures a Flexible NetFlow monitor to capture traffic on a router's WAN interface. The flow record includes 'match ipv4 source address', 'match ipv4 destination address', and 'collect counter bytes'. After applying the monitor, 'show flow monitor name MONITOR cache' shows flows, but the collector receives no data. 'show flow exporter name EXPORTER statistics' shows 'Export packets sent: 0'. What is the most likely cause?

Question 6hardmultiple choice
Study the full IPv6 explanation →

An engineer configures Flexible NetFlow on a router to monitor both IPv4 and IPv6 traffic. The flow record is defined with 'match ipv4 source address' and 'match ipv6 source address'. After applying the monitor to an interface, 'show flow monitor name MONITOR cache' shows only IPv4 flows. What is the most likely cause?

Question 7mediummultiple choice
Read the full network assurance explanation →

A network engineer configures NetFlow on a router using the legacy 'ip flow-export' commands. After applying 'ip route-cache flow' on an interface, 'show ip flow export' shows packets being sent, but the collector reports that all flows have a source IP of the router's management interface instead of the actual source IPs. What is the most likely cause?

Question 8hardmultiple choice
Read the full network assurance explanation →

An engineer configures Flexible NetFlow with a flow record that includes 'match ipv4 protocol' and 'collect counter packets'. The flow monitor is applied to an interface. 'show flow monitor name MONITOR cache' shows flows, but the packet counts are much lower than expected based on interface counters. What is the most likely cause?

Question 9hardmultiple choice
Open the full VLAN trunking answer →

A network engineer configures Flexible NetFlow on a router to monitor traffic on a trunk interface with multiple VLANs. The flow monitor is applied to the physical interface. The engineer notices that all flows show the same VLAN ID in the collector, even though traffic from different VLANs is present. What is the most likely cause?

Question 10mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow exporter EXPORTER-1

Flow Exporter EXPORTER-1: Description: Exports to collector Export protocol: NetFlow Version 9 Transport Configuration: Destination IP address: 192.168.1.100 Source IP address: 10.0.0.1 Transport Protocol: UDP Destination Port: 2055 Source Port: 0 Collector Configuration: VRFs: Default Options Configuration: Sampler: Not configured Export Statistics: Number of Flows exported: 0 Number of Packets exported: 0 Number of Source IP address unreachable: 0 Number of Packets dropped: 0

Based on this output, what is the most likely reason that no flows are being exported?

Question 11mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow monitor FLOW-MONITOR-1 cache format table

Cache type: Normal Cache size: 1000 Current entries: 0 High Watermark: 0

Flows added: 0 Flows aged: 0 - Active timeout (1800 secs) 0 - Inactive timeout (15 secs) 0 - Event aged 0 - Watermark aged 0 - Emergency aged 0

Based on this output, what is the most likely problem?

Question 12mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow monitor FLOW-MONITOR-1 cache format table

Cache type: Normal Cache size: 1000 Current entries: 500 High Watermark: 800

Flows added: 15000 Flows aged: 14500 - Active timeout (1800 secs) 12000 - Inactive timeout (15 secs) 2500 - Event aged 0 - Watermark aged 0 - Emergency aged 0

Based on this output, what is a valid conclusion?

Question 13easymultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow monitor FLOW-MONITOR-1 statistics

Monitor: FLOW-MONITOR-1 Record: netflow-original Exporter: EXPORTER-1 Cache size: 1000 Current entries: 0 Flows exported: 0 Packets exported: 0

Sampler: Not configured

Flow Monitor is not attached to any interface

Based on this output, what action should the engineer take to resolve the issue?

Question 14mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow exporter EXPORTER-1 statistics

Flow Exporter: EXPORTER-1 Packet send statistics (last 30 seconds): Packets sent: 0 Packets dropped: 0 Packets unsent: 0

Client send statistics: Packets sent: 0 Packets dropped: 0 Packets unsent: 0

Export statistics: Number of Flows exported: 0 Number of Packets exported: 0 Number of Source IP address unreachable: 0 Number of Packets dropped (no route): 0 Number of Packets dropped (queue full): 0

Based on this output, what is the most likely cause of no exports?

Question 15hardmultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow monitor FLOW-MONITOR-1 cache format table

Cache type: Normal Cache size: 1000 Current entries: 1000 High Watermark: 1000

Flows added: 50000 Flows aged: 49000 - Active timeout (1800 secs) 40000 - Inactive timeout (15 secs) 8000 - Event aged 0 - Watermark aged 1000 - Emergency aged 0

Based on this output, what is the most likely issue?

Question 16easymultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow interface GigabitEthernet0/1

Interface GigabitEthernet0/1

FNF: monitor Monitor: FLOW-MONITOR-1 direction: Input traffic-statistics: enabled

Based on this output, what can be concluded?

Question 17hardmultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow monitor FLOW-MONITOR-1 cache format table

Cache type: Normal Cache size: 1000 Current entries: 0 High Watermark: 0

Flows added: 0 Flows aged: 0 - Active timeout (1800 secs) 0 - Inactive timeout (15 secs) 0 - Event aged 0 - Watermark aged 0 - Emergency aged 0

R1# show flow interface GigabitEthernet0/1

Interface GigabitEthernet0/1

FNF: monitor Monitor: FLOW-MONITOR-1 direction: Input traffic-statistics: enabled

Based on both outputs, what is the most likely problem?

Question 18mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command on Router R1:

R1# show flow exporter EXPORTER-1

Flow Exporter EXPORTER-1: Description: Exports to collector Export protocol: NetFlow Version 9 Transport Configuration: Destination IP address: 192.168.1.100 Source IP address: 10.0.0.1 Transport Protocol: UDP Destination Port: 2055 Source Port: 0 Collector Configuration: VRFs: Default Options Configuration: Sampler: Not configured Export Statistics: Number of Flows exported: 5000 Number of Packets exported: 250 Number of Source IP address unreachable: 10 Number of Packets dropped: 0

Based on this output, what is the most likely issue?

Question 19mediummultiple choice
Read the full network assurance explanation →

Examine the following partial configuration on router R1:

flow record RECORD-1 match ipv4 source address match ipv4 destination address match ipv4 protocol collect counter bytes collect counter packets ! flow monitor MONITOR-1 record RECORD-1 cache timeout active 60 !

interface GigabitEthernet0/1
 ip flow monitor MONITOR-1 input

!

Which statement about this configuration is true?

Question 20mediummultiple choice
Read the full network assurance explanation →

Consider the following partial configuration on router R2:

flow exporter EXPORTER-1 destination 192.168.1.100 source Loopback0 transport udp 2055 ! flow monitor MONITOR-2 exporter EXPORTER-1 record netflow ipv4 original-input cache timeout active 30 !

interface GigabitEthernet0/2
 ip flow monitor MONITOR-2 input

!

What is the effect of this configuration?

Question 21mediummultiple choice
Read the full network assurance explanation →

Examine this partial configuration on router R3:

flow record RECORD-2 match ipv4 source address match ipv4 destination address match ipv4 protocol match transport source-port match transport destination-port collect counter bytes collect counter packets ! flow monitor MONITOR-3 record RECORD-2 cache timeout active 60 cache timeout inactive 15 !

interface GigabitEthernet0/3
 ip flow monitor MONITOR-3 input
 ip flow monitor MONITOR-3 output

!

Which statement is true about this configuration?

Question 22mediummultiple choice
Read the full network assurance explanation →

Consider the following partial configuration on router R4:

flow exporter EXPORTER-2 destination 10.10.10.1 source Loopback0 transport udp 9996 option interface-table option sampler-table ! flow monitor MONITOR-4 exporter EXPORTER-2 record netflow ipv4 original-input !

interface GigabitEthernet0/4
 ip flow monitor MONITOR-4 input

!

What is the purpose of the 'option interface-table' and 'option sampler-table' commands under the exporter?

Question 23mediummultiple choice
Read the full network assurance explanation →

Examine this partial configuration on router R5:

flow record RECORD-3 match ipv4 source address match ipv4 destination address match ipv4 protocol collect routing source as collect routing destination as ! flow monitor MONITOR-5 record RECORD-3 cache timeout active 60 !

interface GigabitEthernet0/5
 ip flow monitor MONITOR-5 input

!

What is missing or incorrect in this configuration?

Question 24mediummultiple choice
Read the full network assurance explanation →

Consider the following partial configuration on router R6:

flow exporter EXPORTER-3 destination 192.168.2.200 source Loopback0 transport udp 2055 template data timeout 120 ! flow monitor MONITOR-6 exporter EXPORTER-3 record netflow ipv4 original-input !

interface GigabitEthernet0/6
 ip flow monitor MONITOR-6 input

!

What is the effect of the 'template data timeout 120' command?

Question 25easymultiple choice
Read the full network assurance explanation →

What is the default active flow timeout value in Cisco IOS Flexible NetFlow?

Question 26mediummultiple choice
Read the full network assurance explanation →

In Flexible NetFlow, which of the following is true regarding the 'match' and 'collect' commands in a flow record?

Question 27easymultiple choice
Read the full network assurance explanation →

Which NetFlow version is the default export format when using Flexible NetFlow with the 'record netflow ipv4 original-input' command?

Question 28mediummulti select
Read the full network assurance explanation →

Which TWO commands would a network engineer use to verify NetFlow data export and flow monitor statistics on a Cisco IOS-XE router? (Choose TWO.)

Question 29hardmulti select
Read the full network assurance explanation →

Which TWO statements about Flexible NetFlow flow records are true? (Choose TWO.)

Question 30mediummulti select
Read the full network assurance explanation →

Which TWO configuration steps are required to enable Flexible NetFlow on a Cisco IOS-XE interface? (Choose TWO.)

Question 31hardmulti select
Read the full network assurance explanation →

Which THREE symptoms indicate that NetFlow data export is failing or misconfigured? (Choose THREE.)

Question 32mediummulti select
Read the full network assurance explanation →

Which TWO statements about NetFlow version 9 and Flexible NetFlow are true? (Choose TWO.)

Question 33hardmultiple choice
Review the full OSPF breakdown →

A large enterprise network is experiencing intermittent loss of NetFlow data from multiple routers. Router R1 has the following relevant configuration: flow exporter EXPORTER-1 destination 10.1.1.1 source Loopback0 transport udp 2055 export-protocol netflow-v9. Router R2 shows: R2# show flow exporter EXPORTER-1 statistics | include (Packets|Errors) Packets exported: 0, Errors: 0. The network uses OSPF, and R1's Loopback0 is reachable via a summary route. What is the root cause?

Question 34hardmultiple choice
Review the full OSPF breakdown →

A company uses EIGRP with route redistribution from OSPF. After configuring Flexible NetFlow to monitor traffic, engineers notice that some routes are missing from the routing table. Router R1 has: router eigrp 100 redistribute ospf 1 metric 10000 100 255 1 1500 route-map FILTER-OSPF. The route-map FILTER-OSPF uses a match ip address prefix-list ALLOWED. The prefix-list ALLOWED permits 10.0.0.0/8 le 24. However, a specific route 10.1.0.0/16 is not being redistributed. What is the root cause?

Question 35hardmultiple choice
Open the full BGP breakdown →

A DMVPN network uses FlexVPN with BGP as the routing protocol. Spoke routers are configured with Flexible NetFlow to monitor traffic. After a configuration change, spoke-to-spoke tunnels fail to establish. Router R1 (spoke) shows: show dmvpn detail | include (State|Tunnel) State: NHRP, Tunnel: Tunnel0. The BGP neighbor to the hub is up, but no BGP routes are received for the remote spoke's LAN. What is the root cause?

Question 36hardmultiple choice
Read the full MPLS explanation →

An MPLS network uses LDP for label distribution. After enabling Flexible NetFlow on the core routers, some LDP sessions fail to establish. Router R1 shows: show mpls ldp neighbor | include (Peer|State) Peer LDP Ident: 10.0.0.2:0, State: OPERATIONAL. Router R2 shows: show mpls ldp neighbor | include (Peer|State) Peer LDP Ident: 10.0.0.1:0, State: INIT. What is the root cause?

Question 37hardmultiple choice
Study the full ACL explanation →

A network engineer configures Flexible NetFlow on a router that also runs CoPP (Control Plane Policing). After applying the flow monitor to the ingress interface, the router's CPU spikes and management traffic (SSH, SNMP) becomes intermittent. Router R1 shows: show policy-map control-plane | include (class|police) class CoPP-MGMT police rate 10000 pps. show flow monitor FLOW-MONITOR statistics | include (Packets|Dropped) Packets dropped: 5000. What is the root cause?

Question 38hardmultiple choice
Read the full network assurance explanation →

A VRF-aware network uses route leaking between VRF A and VRF B. After configuring Flexible NetFlow to monitor traffic in VRF A, some routes that were previously leaked to VRF B disappear. Router R1 has: ip route vrf A 10.0.0.0 255.0.0.0 Null0. route-map LEAK permit 10 match ip address prefix-list GLOBAL. The prefix-list GLOBAL permits 10.0.0.0/8. The flow monitor is applied to the VRF A interface. What is the root cause?

Question 39hardmultiple choice
Open the full BGP breakdown →

A BGP-based network uses route reflectors and Flexible NetFlow to monitor traffic. After applying a flow monitor to the route reflector's interface, some BGP routes are not being reflected to clients. Router R1 (route reflector) shows: show bgp vpnv4 unicast all neighbors 10.0.0.2 advertised-routes | include (10.1.1.0/24) No entries. The BGP session is up, and the route 10.1.1.0/24 is in the BGP table. What is the root cause?

Question 40hardmultiple choice
Review the full OSPF breakdown →

An OSPF network has multiple areas and uses Flexible NetFlow to monitor inter-area traffic. After applying a flow monitor to the ABR's interface, OSPF neighbor relationships fail to form. Router R1 (ABR) shows: show ip ospf neighbor | include (FULL|DOWN) Neighbor 10.0.0.2, interface GigabitEthernet0/0, state DOWN. show flow monitor FLOW-MONITOR statistics | include (Packets|Errors) Packets exported: 1000, Errors: 0. What is the root cause?

Question 41hardmultiple choice
Study the full EIGRP explanation →

A network uses route summarization to reduce routing table size. After enabling Flexible NetFlow, some routes that were previously summarized are now being advertised individually. Router R1 has: interface GigabitEthernet0/0 ip summary-address eigrp 100 10.0.0.0 255.0.0.0. The flow monitor is applied to the same interface. show ip route eigrp | include (10.0.0.0/8) shows the summary route, but also shows more specific routes like 10.1.0.0/16. What is the root cause?

Question 42mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to troubleshoot a Flexible NetFlow issue:

R1# show flow monitor FLOW-MONITOR-1 cache format table

Cache type: Normal Cache size: 1000 Current entries: 25 High Watermark: 50

Flows added: 1234 Flows aged: 1209 - Active timeout ( 1800 secs): 100 - Inactive timeout ( 15 secs): 1100 - Event aged: 9 - Watermark aged: 0 - Emergency aged: 0

What does the output indicate?

Question 43easymultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to verify NetFlow export on an interface:

R1# show ip flow interface

GigabitEthernet0/0

ip flow ingress
  ip flow egress

GigabitEthernet0/1

ip flow ingress

What does this output indicate?

Question 44mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to debug NetFlow export:

R1# debug ip flow export

IP Flow export debugging is on

R1#

*Mar  1 00:05:23.123: FLOW: export v9 flow 1 with 30 packets
*Mar  1 00:05:23.124: FLOW: export v9 flow 2 with 15 packets
*Mar  1 00:05:23.125: FLOW: export v9 flow 3 with 22 packets
*Mar  1 00:05:23.126: FLOW: export v9 flow 4 with 8 packets
*Mar  1 00:05:23.127: FLOW: export v9 flow 5 with 12 packets

What does this output indicate?

Question 45easymultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to verify Flexible NetFlow record configuration:

R1# show flow record FLOW-RECORD-1

flow record FLOW-RECORD-1 match ipv4 source address match ipv4 destination address match ip protocol collect counter bytes collect counter packets collect timestamp sys-uptime first collect timestamp sys-uptime last

What does this output indicate?

Question 46mediummultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to verify NetFlow export destination:

R1# show ip flow export

Flow export v9 is enabled for main cache Export source and destination details : VRF ID : Default Destination(1) 192.168.1.100 (2055) Source IP 10.0.0.1 Origin AS 65000 Peer AS 65001 Mask for source 255.255.255.255 Mask for destination 255.255.255.255 Version 9 flow records 1234 flows exported in 567 udp datagrams 0 flows failed due to lack of export packet 0 export packets were sent up to process level 0 export packets were dropped due to no fib 0 export packets were dropped due to adjacency issues 0 export packets were dropped due to fragmentation failures 0 export packets were dropped due to encapsulation fixup failures

What does this output indicate?

Question 47hardmultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to troubleshoot Flexible NetFlow cache usage:

R1# show flow monitor FLOW-MONITOR-1 statistics

Cache type: Normal Cache size: 1000 Current entries: 900 High Watermark: 950 Flows added: 50000 Flows aged: 49100 - Active timeout ( 1800 secs): 40000 - Inactive timeout ( 15 secs): 9000 - Event aged: 100 - Watermark aged: 0 - Emergency aged: 0

What does this output indicate?

Question 48mediummultiple choice
Study the full QoS explanation →

A network engineer runs the following command to verify NetFlow data export format:

R1# show flow exporter EXPORTER-1

Flow Exporter: EXPORTER-1 Transport Configuration: Destination IP address: 192.168.1.100 Source IP address: 10.0.0.1 Transport Protocol: UDP Destination Port: 2055 Source Port: 51234 DSCP: 0x00 TTL: 255 Output Features: Used Export Protocol: NetFlow Version 9 Template Data Export Timeout: 1800 seconds Option Data Export Timeout: 1800 seconds Option Data Configured: application-table sub-application-table application-attributes

What does this output indicate?

Question 49easymultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to verify Flexible NetFlow cache entries:

R1# show flow monitor FLOW-MONITOR-1 cache format record

Cache entry for flow 1: ipv4 source address: 10.0.0.1 ipv4 destination address: 192.168.1.100

ip protocol: 6

counter bytes: 1500 counter packets: 10 timestamp sys-uptime first: 123456 timestamp sys-uptime last: 123556

Cache entry for flow 2: ipv4 source address: 10.0.0.2 ipv4 destination address: 192.168.1.101

ip protocol: 17

counter bytes: 500 counter packets: 5 timestamp sys-uptime first: 123457 timestamp sys-uptime last: 123557

What does this output indicate?

Question 50hardmultiple choice
Read the full network assurance explanation →

A network engineer runs the following command to debug Flexible NetFlow cache events:

R1# debug flow monitor FLOW-MONITOR-1

Flow Monitor FLOW-MONITOR-1 debugging is on R1#

*Mar  1 00:10:15.123: FLOW MONITOR: Cache entry created for flow 10.0.0.1:1234 -> 192.168.1.100:80 (TCP)
*Mar  1 00:10:15.124: FLOW MONITOR: Cache entry updated for flow 10.0.0.1:1234 -> 192.168.1.100:80 (TCP) - bytes: 1460, packets: 1
*Mar  1 00:10:15.125: FLOW MONITOR: Cache entry updated for flow 10.0.0.1:1234 -> 192.168.1.100:80 (TCP) - bytes: 2920, packets: 2
*Mar  1 00:10:45.123: FLOW MONITOR: Cache entry aged for flow 10.0.0.1:1234 -> 192.168.1.100:80 (TCP) - reason: inactive timeout

What does this output indicate?

Question 51mediummultiple choice
Read the full network assurance explanation →

What is the default flow-cache timeout for NetFlow version 9 on Cisco IOS-XE?

Question 52hardmultiple choice
Open the full BGP breakdown →

Which statement correctly describes the default behavior of the 'flow monitor' in Flexible NetFlow regarding the collection of BGP next-hop information?

Question 53mediummultiple choice
Read the full network assurance explanation →

What is the default export interval for NetFlow data when using the 'flow exporter' with UDP as the transport protocol?

Question 54easymultiple choice
Read the full network assurance explanation →

Which of the following is a mandatory field in a Flexible NetFlow flow record for IPv4 traffic?

Question 55mediummultiple choice
Read the full network assurance explanation →

What is the default value for the 'active flow timeout' in a Flexible NetFlow monitor on Cisco IOS-XE?

Question 56easymultiple choice
Read the full network assurance explanation →

Which NetFlow version introduced the concept of templates to support variable-length flow records?

Question 57hardmultiple choice
Read the full network assurance explanation →

In Flexible NetFlow, what is the default 'collect counter bytes' setting for a flow record?

Question 58easymultiple choice
Read the full network assurance explanation →

What is the default transport protocol used by NetFlow exporters on Cisco IOS-XE?

Question 59hardmultiple choice
Read the full network assurance explanation →

Which statement correctly describes the default 'match' direction in a Flexible NetFlow flow record?

Question 60mediumdrag order
Read the full network assurance explanation →

Drag and drop the steps to configure Flexible NetFlow with a custom flow record into the correct order, from first to last.

Question 61harddrag order
Read the full network assurance explanation →

Drag and drop the steps to troubleshoot NetFlow and Flexible NetFlow connectivity failures into the correct order, from first to last.

Question 62mediumdrag order
Read the full network assurance explanation →

Drag and drop the steps to verify and validate NetFlow and Flexible NetFlow operational state into the correct order, from first to last.

Question 63hardmulti select
Read the full network assurance explanation →

Which TWO statements about Flexible NetFlow flow monitors and flow exporters are true? (Choose TWO.)

Question 64hardmulti select
Read the full network assurance explanation →

An engineer needs to troubleshoot a NetFlow deployment where flow data is not being exported to the collector. Which TWO commands can be used to verify the operational status of NetFlow on a Cisco IOS-XE device? (Choose TWO.)

Question 65hardmulti select
Read the full network assurance explanation →

Which THREE statements about the NetFlow flow cache and export timing are correct? (Choose THREE.)

Question 66hardmulti select
Read the full network assurance explanation →

An engineer configures Flexible NetFlow with a user-defined flow record that includes 'match ipv4 source address' and 'collect counter bytes'. Which TWO additional statements about this configuration are true? (Choose TWO.)

Question 67hardmulti select
Read the full network assurance explanation →

Which TWO statements about NetFlow version 9 and Flexible NetFlow export format are true? (Choose TWO.)

Question 68hardmultiple choice
Read the full network assurance explanation →

An engineer configures Flexible NetFlow on a router to monitor traffic. Unexpectedly, the NetFlow exporter does not send any flow records to the collector. The engineer verifies that the monitor is applied to the correct interface and that the collector is reachable. Which is the most likely explanation?

Question 69hardmultiple choice
Review the full OSPF breakdown →

An engineer configures OSPF on two directly connected routers with MTU 1500 on one interface and MTU 1400 on the other. The OSPF adjacency forms but remains in EXSTART state. Which is the most likely explanation?

Question 70hardmultiple choice
Study the full EIGRP explanation →

An engineer configures EIGRP named mode on a router. After a link failure, a route becomes stuck-in-active (SIA). The engineer checks the EIGRP topology and notices that the route has a feasible successor. Which is the most likely explanation?

Question 71hardmultiple choice
Open the full BGP breakdown →

An engineer configures BGP between two routers in the same AS. The iBGP session is established, but the routes learned from eBGP are not being advertised to the iBGP neighbor. The engineer verifies that the next-hop is reachable via IGP. Which is the most likely explanation?

Question 72hardmultiple choice
Review the full OSPF breakdown →

An engineer configures mutual redistribution between OSPF and EIGRP. After the configuration, routing loops occur. The engineer checks the routing tables and sees that the same prefix is learned from both protocols with different administrative distances. Which is the most likely explanation?

Question 73hardmultiple choice
Read the full VPN explanation →

An engineer configures a DMVPN Phase 2 network. Spoke-to-spoke tunnels are expected to form dynamically. However, when a spoke tries to reach another spoke, traffic is still sent through the hub. The engineer verifies that NHRP is working and that the spoke-to-spoke tunnel is up. Which is the most likely explanation?

Question 74hardmultiple choice
Study the full ACL explanation →

An engineer configures IPsec between two routers using a site-to-site VPN. The tunnel is established, but traffic is not encrypted. The engineer checks the crypto map and sees that the ACL for interesting traffic is configured correctly. Which is the most likely explanation?

Question 75hardmultiple choice
Study the full ACL explanation →

An engineer configures Control Plane Policing (CoPP) on a router to protect the management plane. After applying the policy, the router becomes unreachable via SSH, but the console is still accessible. The engineer checks the CoPP policy and sees that SSH traffic is permitted. Which is the most likely explanation?

Question 76hardmultiple choice
Read the full network assurance explanation →

An engineer configures unicast Reverse Path Forwarding (uRPF) in strict mode on an interface. After the configuration, legitimate traffic from a customer network is being dropped. The engineer verifies that the customer's IP prefix is in the routing table. Which is the most likely explanation?

Practice tests

Scored 10-question sessions with instant feedback and explanations.

300-410 Practice Test 1 — 10 Questions→300-410 Practice Test 2 — 10 Questions→300-410 Practice Test 3 — 10 Questions→300-410 Practice Test 4 — 10 Questions→300-410 Practice Test 5 — 10 Questions→300-410 Practice Exam 1 — 20 Questions→300-410 Practice Exam 2 — 20 Questions→300-410 Practice Exam 3 — 20 Questions→300-410 Practice Exam 4 — 20 Questions→Free 300-410 Practice Test 1 — 30 Questions→Free 300-410 Practice Test 2 — 30 Questions→Free 300-410 Practice Test 3 — 30 Questions→300-410 Practice Questions 1 — 50 Questions→300-410 Practice Questions 2 — 50 Questions→300-410 Exam Simulation 1 — 100 Questions→

Practice by domain

Each domain maps to a weighted exam section. Focus on the domain where you are weakest.

Layer 3 TechnologiesEIGRP TroubleshootingOSPF Troubleshooting (v2/v3)BGP TroubleshootingRoute RedistributionPolicy-Based Routing (PBR)VRF-LiteRoute Maps and Route FilteringAdministrative DistanceRoute SummarizationBidirectional Forwarding Detection (BFD)VPN TechnologiesMPLS OperationsMPLS L3VPNDMVPNIPsec Site-to-Site VPNIPv6 Tunneling TechniquesInfrastructure SecurityDevice Access ControlIPv4 Access Control ListsIPv6 Traffic Filtering and uRPFControl Plane Policing (CoPP)IPv6 First Hop SecurityInfrastructure ServicesDevice ManagementSNMP TroubleshootingNetwork Logging and SyslogEmbedded Event Manager (EEM)IP SLANetFlow and Flexible NetFlowSPAN, RSPAN, and ERSPANDHCP (IPv4 and IPv6)NAT and PAT

Practice by scenario

Filter questions by type — troubleshooting, exhibit, drag-and-drop, PBQ, ACLs, OSPF, and more.

Browse scenarios→

Continue studying

All NetFlow and Flexible NetFlow setsAll NetFlow and Flexible NetFlow questions300-410 Practice Hub