The newly updated Lead4Pass 500-285 dumps contain 60 exam questions and answers, as well as provide difficult analysis, in line with the Cisco 500-285 SSFIPS certification exam conditions!
Because Lead4Pass 500-285 dumps are actually verified by a professional team, it is real and effective! And provide two learning types: 500-285 dumps PDF, and 500-285 dumps VCE, both types contain the latest 500-285 exam questions!
So, get the latest 500-285 dumps in PDF or VCE format from Lead4Pass: https://www.leads4pass.com/500-285.html, to ensure you pass the exam easily.
Two free surprises:
- Get some Lead4Pass 500-285 dumps in PDF format
- Online practice section Lead4Pass 500-285 dumps
First Surprise: Online Download Section Lead4Pass 500-285 dumps:https://drive.google.com/file/d/13RGPWvHBWMBFNTprWQC_RLy1KYqIDzPu/
The second surprise: online practice part Lead4Pass 500-285 dumps
| Type | Number of exam questions | Exam name | Exam code |
| Free | 15 | Securing Cisco Networks with FireSIGHT Intrusion Prevention System (SSFIPS) | 500-285 |
Question 1:
What are the two categories of variables that you can configure in Object Management?
A. System Default Variables and FireSIGHT-Specific Variables
B. System Default Variables and Procedural Variables
C. Default Variables and Custom Variables
D. Policy-Specific Variables and Procedural Variables
Correct Answer: C
Question 2:
Which option is true regarding the $HOME_NET variable?
A. is a policy-level variable
B. has a default value of “all”
C. defines the network the active policy protects
D. is used by all rules to define the internal network
Correct Answer: C
Question 3:
Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?
A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically uploads lists from a network share
Correct Answer: C
Question 4:
Which statement is true in regard to the Sourcefire Security Intelligence lists?
A. The global blacklist universally allows all traffic through the managed device.
B. The global whitelist cannot be edited.
C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
D. The Security Intelligence lists cannot be updated.
Correct Answer: C
Question 5:
Which statement is true when adding a network to an access control rule?
A. You can select only source networks.
B. You must have preconfigured the network as an object.
C. You can select the source and destination networks or network groups.
D. You cannot include multiple networks or network groups as sources or destinations.
Correct Answer: C
Question 6:
Which option is true when configuring an access control rule?
A. You can use geolocation criteria to specify source IP addresses by country and continent, as well as destination IP addresses by country and continent.
B. You can use geolocation criteria to specify destination IP addresses by country but not source IP addresses.
C. You can use geolocation criteria to specify source and destination IP addresses by country but not by continent.
D. You can use geolocation criteria to specify source and destination IP addresses by continent but not by country.
Correct Answer: A
Question 7:
How do you configure URL filtering?
A. Add blocked URLs to the global blacklist.
B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.
C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.
D. Create a variable.
Correct Answer: C
Question 8:
When adding source and destination ports in the Ports tab of the access control policy rule editor, which restriction is in place?
A. The protocol is restricted to TCP only.
B. The protocol is restricted to UDP only.
C. The protocol is restricted to TCP or UDP.
D. The protocol is restricted to TCP and UDP.
Correct Answer: C
Question 9:
Access control policy rules can be configured to block based on the conditions that you specify in each rule. Which behavior block response do you use if you want to deny and reset the connection of HTTP traffic that meets the conditions of the access control rule?
A. interactive block with reset
B. interactive block
C. block
D. block with reset
Correct Answer: D
Question 10:
Which option transmits policy-based alerts such as SNMP and syslog?
A. the Defense Center
B. FireSIGHT
C. the managed device
D. the host
Correct Answer: C
Question 11:
One of the goals of geolocation is to identify which option.
A. the location of any IP address
B. the location of a MAC address
C. the location of a TCP connection
D. the location of a routable IP address
Correct Answer: D
Question 12:
Which option is not a characteristic of dashboard widgets or Context Explorer?
A. Context Explorer is a tool used primarily by analysts looking for trends across varying periods of time.
B. Context Explorer can be added as a widget to a dashboard.
C. Widgets offer users an at-a-glance view of their environment.
D. Widgets are offered to all users, whereas Context Explorer is limited to a few roles.
Correct Answer: B
Question 13:
Which option is true of the Packet Information portion of the Packet View screen?
A. provides a table view of events
B. allows you to download a PCAP formatted file of the session that triggered the event
C. displays packet data in a format based on TCP/IP layers
D. shows you the user that triggered the event
Correct Answer: C
Question 14:
When you are editing an intrusion policy, how do you know that you have changed?
A. The Commit Changes button is enabled.
B. A system message notifies you.
C. You are prompted to save your changes on every screen refresh.
D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.
Correct Answer: D
Question 15:
Which option is used to implement suppression in the Rule Management user interface?
A. Rule Category
B. Global
C. Source
D. Protocol
Correct Answer: C
Enjoy two premium benefits for free! Although they are only part of the Lead4Pass 500-285 dumps!
Now, use PDF or VCE to practice Lead4Pass 500-285 dumps: https://www.leads4pass.com/500-285.html (60 Q&A), assisting you to pass the Cisco 500-285 SSFIPS certification exam 100% successfully.