500-285 Practice Exam Questions with Answers Securing Cisco Networks with Sourcefire IPS Certification

Question # 6

Which option is true of the Packet Information portion of the Packet View screen?

provides a table view of events

allows you to download a PCAP formatted file of the session that triggered the event

displays packet data in a format based on TCP/IP layers

shows you the user that triggered the event

Full Access

Question # 7

The gateway VPN feature supports which deployment types?

SSL and HTTPS

PPTP and MPLS

client and route-based

point-to-point, star, and mesh

Full Access

Question # 8

Stacking allows a primary device to utilize which resources of secondary devices?

interfaces, CPUs, and memory

CPUs and memory

interfaces, CPUs, memory, and storage

interfaces and storage

Full Access

Question # 9

Which statement is true regarding malware blocking over HTTP?

It can be done only in the download direction.

It can be done only in the upload direction.

It can be done in both the download and upload direction.

HTTP is not a supported protocol for malware blocking.

Full Access

Question # 10

Which option can you enter in the Search text box to look for the trajectory of a particular file?

the MD5 hash value of the file

the SHA-256 hash value of the file

the URL of the file

the SHA-512 hash value of the file

Full Access

Question # 11

When configuring an LDAP authentication object, which server type is available?

Microsoft Active Directory

Yahoo

Oracle

SMTP

Full Access

Question # 12

Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

Administrator

Intrusion Administrator

Maintenance User

Database Administrator

Full Access

Question # 13

A one-to-many type of scan, in which an attacker uses a single host to scan a single port on multiple target hosts, indicates which port scan type?

port scan

portsweep

decoy port scan

ACK scan

Full Access

Question # 14

Which feature of the preprocessor configuration pages lets you quickly jump to a list of the rules associated with the preprocessor that you are configuring?

the rule group accordion

a filter bar

a link below the preprocessor heading

a button next to each preprocessor option that has a corresponding rule

Full Access

Question # 15

Host criticality is an example of which option?

a default whitelist

a default traffic profile

a host attribute

a correlation policy

Full Access

Question # 16

In addition to the discovery of new hosts, FireSIGHT can also perform which function?

block traffic

determine which users are involved in monitored connections

discover information about users

route traffic

Full Access

Question # 17

When you are editing an intrusion policy, how do you know that you have changes?

The Commit Changes button is enabled.

A system message notifies you.

You are prompted to save your changes on every screen refresh.

A yellow, triangular icon displays next to the Policy Information option in the navigation panel.

Full Access

Question # 18

Which option is used to implement suppression in the Rule Management user interface?

Rule Category

Global

Source

Protocol

Full Access

Summer Special - 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: c4sdisc65

Contact Email:

Crack4sure Logo

Main Navigation

500-285 PDF

$49

$139.99

500-285 PDF + Testing Engine

$66.5

$189.99

500-285 Engine

$56

$159.99

500-285 Practice Exam Questions with Answers Securing Cisco Networks with Sourcefire IPS Certification

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

Answer:

QUICK LINKS

SUPPORT

PAYMENT METHOD

Site Secure

CONTACT US