
Cisco 500-285 Securing Cisco Networks with Sourcefire IPS Exam Practice Test

Demo: 9 questions
Total 59 questions

Securing Cisco Networks with Sourcefire IPS Questions and Answers

Question 1

Which feature of the preprocessor configuration pages lets you quickly jump to a list of the rules associated with the preprocessor that you are configuring?

Options:

A. the rule group accordion
B. a filter bar
C. a link below the preprocessor heading
D. a button next to each preprocessor option that has a corresponding rule

Question 2

Suppose an administrator is configuring an IPS policy and attempts to enable intrusion rules that require the operation of the TCP stream preprocessor, but the TCP stream preprocessor is turned off. Which statement is true in this situation?

Options:

A. The administrator can save the IPS policy with the TCP stream preprocessor turned off, but the rules requiring its operation will not function properly.
B. When the administrator enables the rules and then attempts to save the IPS policy, the administrator will be prompted to accept that the TCP stream preprocessor will be turned on for the IPS policy.
C. The administrator will be prevented from changing the rule state of the rules that require the TCP stream preprocessor until the TCP stream preprocessor is enabled.
D. When the administrator enables the rules and then attempts to save the IPS policy, the administrator will be prompted to accept that the rules that require the TCP stream preprocessor will be turned off for the IPS policy.

Question 3

Which option is true regarding the $HOME_NET variable?

Options:

A. is a policy-level variable
B. has a default value of "all"
C. defines the network the active policy protects
D. is used by all rules to define the internal network

Question 4

Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?

Options:

A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically upload lists from a network share

Question 5

Which option is derived from the discovery component of FireSIGHT technology?

Options:

A. connection event table view
B. network profile
C. host profile
D. authentication objects

Question 6

Host criticality is an example of which option?

Options:

A. a default whitelist
B. a default traffic profile
C. a host attribute
D. a correlation policy

Question 7

Alert priority is established in which way?

Options:

A. event classification
B. priority.conf file
C. host criticality selection
D. through Context Explorer

Question 8

Which option describes the two basic components of Sourcefire Snort rules?

Options:

A. preprocessor configurations to define what to do with packets before the detection engine sees them, and detection engine configurations to define exactly how alerting is to take place
B. a rule statement characterized by the message you configure to appear in the alert, and the rule body that contains all of the matching criteria such as source, destination, and protocol
C. a rule header to define source, destination, and protocol, and the output configuration to determine which form of output to produce if the rule triggers
D. a rule body that contains packet-matching criteria or options to define where to look for content in a packet, and a rule header to define matching criteria based on where a packet originates, where it is going, and over which protocol

Question 9

Which statement is true regarding malware blocking over HTTP?

Options:

A. It can be done only in the download direction.
B. It can be done only in the upload direction.
C. It can be done in both the download and upload direction.
D. HTTP is not a supported protocol for malware blocking.
