Cisco 500-285 - Securing Cisco Networks with Sourcefire IPS Exam

Question #1 (Topic: Topic 1)
Which statement is true in regard to the Sourcefire Security Intelligence lists?
A. The global blacklist universally allows all traffic through the managed device. B. The global whitelist cannot be edited. C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer. D. The Security Intelligence lists cannot be updated.
Answer: C
Question #2 (Topic: Topic 1)
Which option is true regarding the $HOME_NET variable?
A. is a policy-level variable B. has a default value of "all" C. defines the network the active policy protects D. is used by all rules to define the internal network
Answer: C
Question #3 (Topic: Topic 1)
What are the two categories of variables that you can configure in Object Management?
A. System Default Variables and FireSIGHT-Specific Variables B. System Default Variables and Procedural Variables C. Default Variables and Custom Variables D. Policy-Specific Variables and Procedural Variables
Answer: C
Question #4 (Topic: Topic 1)
Which option is one of the three methods of updating the IP addresses in Sourcefire
Security Intelligence?
A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically upload lists from a network share
Answer: C Topic 2, Access Control Policy
Question #5 (Topic: Topic 2)
When adding source and destination ports in the Ports tab of the access control policy rule
editor, which restriction is in place?
A. The protocol is restricted to TCP only. B. The protocol is restricted to UDP only. C. The protocol is restricted to TCP or UDP. D. The protocol is restricted to TCP and UDP.
Answer: C
Download Exam
Page: 1 / 12
Total 60 questions