Pass the Cisco Additional Online Exams 500-285 Questions and answers with CertsForce

Viewing page 2 out of 2 pages
Viewing questions 11-20 out of questions
Questions # 11:

FireSIGHT uses three primary types of detection to understand the environment in which it is deployed. Which option is one of the detection types?

Options:

A. protocol layer

B. application

C. objects

D. devices


Questions # 12:

In addition to the discovery of new hosts, FireSIGHT can also perform which function?

Options:

A. block traffic

B. determine which users are involved in monitored connections

C. discover information about users

D. route traffic


Questions # 13:

What does the whitelist attribute value "not evaluated" indicate?

Options:

A. The host is not a target of the whitelist.

B. The host could not be evaluated because no profile exists for it.

C. The whitelist status could not be updated because the correlation policy it belongs to is not enabled.

D. The host is not on a monitored network segment.


Questions # 14:

Which list identifies the possible types of alerts that the Sourcefire System can generate as notification of events or policy violations?

Options:

A. logging to database, SMS, SMTP, and SNMP

B. logging to database, SMTP, SNMP, and PCAP

C. logging to database, SNMP, syslog, and email

D. logging to database, PCAP, SMS, and SNMP


Questions # 15:

Which statement is true regarding malware blocking over HTTP?

Options:

A. It can be done only in the download direction.

B. It can be done only in the upload direction.

C. It can be done in both the download and upload direction.

D. HTTP is not a supported protocol for malware blocking.


Questions # 16:

A context box opens when you click on an event icon in the Network File Trajectory map for a file. Which option is an element of the box?

Options:

A. Scan

B. Application Protocol

C. Threat Name

D. File Name


Questions # 17:

What does packet latency thresholding measure?

Options:

A. the total elapsed time it takes to process a packet

B. the amount of time it takes for a rule to process

C. the amount of time it takes to process an event

D. the time span between a triggered event and when the packet is dropped


Questions # 18:

A one-to-many type of scan, in which an attacker uses a single host to scan a single port on multiple target hosts, indicates which port scan type?

Options:

A. port scan

B. portsweep

C. decoy port scan

D. ACK scan

