SNCF — Securing Networks with Firepower — Question 230

When an engineer captures traffic on a Cisco Secure Firewall Threat Defense device to troubleshoot a connectivity problem, they receive a large amount of output data in the GUI tool. The engineer finds that viewing the captures this way is time-consuming and that the output is difficult to sort and filter. Which file type must the engineer export the data in so that it can be reviewed using a tool built for this type of analysis?

Answer options

Correct answer: B

Explanation

The correct answer is B, PCAP, a widely used file format designed specifically for captured network traffic and compatible with various analysis tools. The other options, while related to network traffic monitoring, are not suited to this type of analysis, making them less effective for the engineer's needs.