Cisco 500-285 Securing Cisco Networks with Sourcefire IPS Exam Practice Test

Page: 1 / 6
Total 59 questions

Securing Cisco Networks with Sourcefire IPS Questions and Answers

Question 1

A user discovery agent can be installed on which platform?

Options:

A. OpenLDAP

B. Windows

C. RADIUS

D. Ubuntu

Question 2

The IP address ::/0 is equivalent to which IPv4 address and netmask?

Options:

A. 0.0.0.0

B. 0.0.0.0/0

C. 0.0.0.0/24

D. The IP address ::/0 is not valid IPv6 syntax.

Question 3

Which statement is true when adding a network to an access control rule?

Options:

A. You can select only source networks.

B. You must have preconfigured the network as an object.

C. You can select the source and destination networks or network groups.

D. You cannot include multiple networks or network groups as sources or destinations.

Question 4

How do you configure URL filtering?

Options:

A. Add blocked URLs to the global blacklist.

B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.

C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.

D. Create a variable.

Question 5

FireSIGHT recommendations appear in which layer of the Policy Layers page?

Options:

A. Layer Summary

B. User Layers

C. Built-In Layers

D. FireSIGHT recommendations do not show up as a layer.

Question 6

Which option is used to implement suppression in the Rule Management user interface?

Options:

A. Rule Category

B. Global

C. Source

D. Protocol

Question 7

Which option is a valid whitelist evaluation value?

Options:

A. pending

B. violation

C. semi-compliant

D. not-evaluated

Question 8

What does the whitelist attribute value "not evaluated" indicate?

Options:

A. The host is not a target of the whitelist.

B. The host could not be evaluated because no profile exists for it.

C. The whitelist status could not be updated because the correlation policy it belongs to is not enabled.

D. The host is not on a monitored network segment.

Question 9

Which statement is true in regard to the Sourcefire Security Intelligence lists?

Options:

A. The global blacklist universally allows all traffic through the managed device.

B. The global whitelist cannot be edited.

C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.

D. The Security Intelligence lists cannot be updated.
