Want to know the features of the Pass4sure 500-285 exam practice test? Want to learn more about the Cisco Securing Cisco Networks with Sourcefire IPS certification experience? Study guaranteed Cisco 500-285 answers to up-to-date 500-285 questions at Pass4sure. Get success with an absolute guarantee to pass the Cisco 500-285 (Securing Cisco Networks with Sourcefire IPS) test on your first attempt.
2021 Sep 500-285 test questions
Q21. One of the goals of geolocation is to identify which option?
A. the location of any IP address
B. the location of a MAC address
C. the location of a TCP connection
D. the location of a routable IP address
Q22. FireSIGHT recommendations appear in which layer of the Policy Layers page?
A. Layer Summary
B. User Layers
C. Built-In Layers
D. FireSIGHT recommendations do not show up as a layer.
Q23. Remote access to the Defense Center database has which characteristic?
Q24. Which statement regarding user exemptions is true?
A. Non-administrators can be made exempt on an individual basis.
B. Exempt users have a browser session timeout restriction of 24 hours.
C. Administrators can be exempt from any browser session timeout value.
D. By default, all users cannot be exempt from any browser session timeout value.
Q25. What is the maximum timeout value for a browser session?
A. 60 minutes
B. 120 minutes
C. 1024 minutes
D. 1440 minutes
Renovate 500-285 exam prep:
Q26. Which option describes Spero file analysis?
A. a method of analyzing the SHA-256 hash of a file to determine whether a file is malicious or not
B. a method of analyzing the entire contents of a file to determine whether it is malicious or not
C. a method of analyzing certain file characteristics, such as metadata and header information, to determine whether a file is malicious or not
D. a method of analyzing a file by executing it in a sandbox environment and observing its behaviors to determine if it is malicious or not
Q27. Stacking allows a primary device to utilize which resources of secondary devices?
A. interfaces, CPUs, and memory
B. CPUs and memory
C. interfaces, CPUs, memory, and storage
D. interfaces and storage
Q28. A one-to-many type of scan, in which an attacker uses a single host to scan a single port on multiple target hosts, indicates which port scan type?
A. port scan
C. decoy port scan
D. ACK scan
Q29. When you are editing an intrusion policy, how do you know that you have changes?
A. The Commit Changes button is enabled.
B. A system message notifies you.
C. You are prompted to save your changes on every screen refresh.
D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.
Q30. What does the whitelist attribute value "not evaluated" indicate?
A. The host is not a target of the whitelist.
B. The host could not be evaluated because no profile exists for it.
C. The whitelist status could not be updated because the correlation policy it belongs to is not enabled.
D. The host is not on a monitored network segment.