Act now and download your Cisco 500-285 test today! Do not waste time for the worthless Cisco 500-285 tutorials. Download Renewal Cisco Securing Cisco Networks with Sourcefire IPS exam with real questions and answers and begin to learn Cisco 500-285 with a classic professional.

2021 Jul 500-285 simulations

Q11. Which feature of the preprocessor configuration pages lets you quickly jump to a list of the rules associated with the preprocessor that you are configuring? 

A. the rule group accordion 

B. a filter bar 

C. a link below the preprocessor heading 

D. a button next to each preprocessor option that has a corresponding rule 

Answer: C 


Q12. Which statement is true in regard to the Sourcefire Security Intelligence lists? 

A. The global blacklist universally allows all traffic through the managed device. 

B. The global whitelist cannot be edited. 

C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer. 

D. The Security Intelligence lists cannot be updated. 

Answer: C 


Q13. Which mechanism should be used to write an IPS rule that focuses on the client or server side of a TCP communication? 

A. the directional operator in the rule header 

B. the "flow" rule option 

C. specification of the source and destination ports in the rule header 

D. The detection engine evaluates all sides of a TCP communication regardless of the rule options. 

Answer: B 


Q14. Which option is derived from the discovery component of FireSIGHT technology? 

A. connection event table view 

B. network profile 

C. host profile 

D. authentication objects 

Answer: C 


Q15. When adding source and destination ports in the Ports tab of the access control policy rule editor, which restriction is in place? 

A. The protocol is restricted to TCP only. 

B. The protocol is restricted to UDP only. 

C. The protocol is restricted to TCP or UDP. 

D. The protocol is restricted to TCP and UDP. 

Answer: C 


2passeasy.com

Refresh 500-285 practice exam:

Q16. Which option describes the two basic components of Sourcefire Snort rules? 

A. preprocessor configurations to define what to do with packets before the detection engine sees them, and detection engine configurations to define exactly how alerting is to take place 

B. a rule statement characterized by the message you configure to appear in the alert, and the rule body that contains all of the matching criteria such as source, destination, and protocol 

C. a rule header to define source, destination, and protocol, and the output configuration to determine which form of output to produce if the rule triggers 

D. a rule body that contains packet-matching criteria or options to define where to look for content in a packet, and a rule header to define matching criteria based on where a packet originates, where it is going, and over which protocol 

Answer: D 


Q17. The gateway VPN feature supports which deployment types? 

A. SSL and HTTPS 

B. PPTP and MPLS C. client and route-based 

D. point-to-point, star, and mesh 

Answer: D 


Q18. Which statement describes the meaning of a red health status icon? 

A. A critical threshold has been exceeded. 

B. At least one health module has failed. 

C. A health policy has been disabled on a monitored device. 

D. A warning threshold has been exceeded. 

Answer: A 


Q19. Which option is used to implement suppression in the Rule Management user interface? 

A. Rule Category 

B. Global 

C. Source 

D. Protocol 

Answer: C 


Q20. What does packet latency thresholding measure? 

A. the total elapsed time it takes to process a packet 

B. the amount of time it takes for a rule to process 

C. the amount of time it takes to process an event 

D. the time span between a triggered event and when the packet is dropped 

Answer: A