Cisco Certified Internetwork Expert (CCIE) Practice Test

Disable ads (and more) with a membership for a one time $2.99 payment

Study for the Cisco Certified Internetwork Expert Test. Enhance your skills with multiple-choice questions, hints, and detailed explanations. Prepare efficiently for your exam!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which command would allow the investigation of packet flows in real-time on a Cisco ASA?

show access-list
capture traffic
debug packet
show logging

The correct answer is: capture traffic

The command that enables real-time investigation of packet flows on a Cisco ASA is "capture traffic." This command sets up an online packet capture to monitor the traffic traversing the device. When executed, it allows for the observation of packet details such as source and destination addresses, protocols, and ports in real-time, providing valuable insights for troubleshooting or analyzing network performance. Packet captures can be particularly beneficial when diagnosing issues or verifying traffic flow, as they capture all packets matching specified criteria without impacting the overall ASA operation. This real-time data can then be analyzed with tools like Wireshark to further investigate any anomalies or to confirm that traffic is processed as expected. The other choices do not provide the same level of real-time insights. Displaying access-lists provides static information about the rules within those lists but does not show the packet flows themselves. Debugging packets can be useful but may not always give a comprehensive view compared to a dedicated capture. Viewing logs can offer information about events and traffic but is not in real-time and often lacks the detail regarding packet-level analysis that a capture provides.