Cisco Certified Internetwork Expert (CCIE) 2025 – 400 Free Practice Questions to Pass the Exam

The statement about monitoring sent and received packets in the same session is true because a SPAN (Switched Port Analyzer) session can indeed be configured to capture traffic in both directions from a source port. This capability is crucial for comprehensive network traffic analysis, as it allows network administrators to monitor not just outbound traffic but inbound traffic as well, providing a complete view of the traffic patterns on that port.

In addition to this statement, the option regarding the mixing of source ports and source VLANs in the same SPAN session is also true. SPAN sessions are versatile enough to aggregate traffic from multiple source ports and to monitor traffic from different VLANs simultaneously. This allows a network engineer to analyze a diverse range of traffic and troubleshoot issues more effectively.

The other alternatives do not align with the functionalities of SPAN sessions as well. For instance, while multiple SPAN sessions can indeed use the same destination port, each SPAN session itself must be carefully managed to avoid any potential traffic contention that could lead to packet loss or improper monitoring. The architecture generally prefers to have unique dedicated destination ports for clearer analysis.