NetFlow for Cybersecurity

Chapter Description

In this sample chapter from CCNA Cyber Ops SECOPS 210-255 Official Cert Guide, readers learn how to configure basic NetFlow in a Cisco device. Content also covers the industry standard IPFIX as well as how NetFlow is used for cybersecurity and incident response.

Exam Preparation Tasks

Review All Key Topics

Review the most important topics in the chapter, noted with the Key Topic icon in the outer margin of the page. Table 4-28 lists these key topics and the page numbers on which each is found.

Table 4-28 Key Topics

| Key Topic Element | Description | Page |
|---|---|---|
| Summary | What is a flow? | 78 |
| List | NetFlow versions | 81 |
| List | NetFlow fields | 87 |
| Summary | What is IPFIX? | 110 |
| Summary | Comparing NetFlow and IPFIX | 113 |
| Summary | How can NetFlow be used for anomaly detection? | 113 |
| Summary | How can NetFlow be used for incident response? | 114 |
| Summary | Using NetFlow for Data Leak Detection and Prevention | 119 |
| List | Commercial NetFlow analysis tools | 125 |
| List | Open source NetFlow analysis tools | 129 |

Print a copy of Appendix B, “Memory Tables” (found on the book website), or at least the section for this chapter, and complete the tables and lists from memory. Appendix C, “Memory Tables Answer Key,” also on the website, includes completed tables and lists to check your work.
