Ensurepass.com : Ensure you pass the IT Exams
2018 Jan Cisco Official New Released 500-285
100% Free Download! 100% Pass Guaranteed!
http://www.EnsurePass.com/500-285.html
Securing Cisco Networks with Sourcefire IPS
Question No: 11 – (Topic 3)
Which option is true of the Packet Information portion of the Packet View screen?
-
provides a table view of events
-
allows you to download a PCAP formatted file of the session that triggered the event
-
displays packet data in a format based on TCP/IP layers
-
shows you the user that triggered the event
Answer: C
Question No: 12 – (Topic 3)
Which option is not a characteristic of dashboard widgets or Context Explorer?
-
Context Explorer is a tool used primarily by analysts looking for trends across varying periods of time.
-
Context Explorer can be added as a widget to a dashboard.
-
Widgets offer users an at-a-glance view of their environment.
-
Widgets are offered to all users, whereas Context Explorer is limited to a few roles.
Answer: B
Question No: 13 – (Topic 3)
One of the goals of geolocation is to identify which option?
-
the location of any IP address
-
the location of a MAC address
-
the location of a TCP connection
-
the location of a routable IP address
Answer: D
Topic 4, IPS Policy Basics
Question No: 14 – (Topic 4)
FireSIGHT recommendations appear in which layer of the Policy Layers page?
-
Layer Summary
-
User Layers
-
Built-In Layers
-
FireSIGHT recommendations do not show up as a layer.
Answer: C
Question No: 15 – (Topic 4)
When you are editing an intrusion policy, how do you know that you have changes?
-
The Commit Changes button is enabled.
-
A system message notifies you.
-
You are prompted to save your changes on every screen refresh.
-
A yellow, triangular icon displays next to the Policy Information option in the navigation panel.
Answer: D
Question No: 16 – (Topic 4)
Which option is used to implement suppression in the Rule Management user interface?
-
Rule Category
-
Global
-
Source
-
Protocol
Answer: C
Topic 5, FireSIGHT Technologies
Question No: 17 – (Topic 5)
In addition to the discovery of new hosts, FireSIGHT can also perform which function?
-
block traffic
-
determine which users are involved in monitored connections
-
discover information about users
-
route traffic
Answer: B
Question No: 18 – (Topic 5)
FireSIGHT uses three primary types of detection to understand the environment in which it is deployed. Which option is one of the detection types?
-
protocol layer
-
application
-
objects
-
devices
Answer: B
Question No: 19 – (Topic 5)
Which option is derived from the discovery component of FireSIGHT technology?
-
connection event table view
-
network profile
-
host profile
-
authentication objects
Answer: C
Question No: 20 – (Topic 5)
The IP address::/0 is equivalent to which IPv4 address and netmask?
A. 0.0.0.0
B. 0.0.0.0/0
C. 0.0.0.0/24
D. The IP address::/0 is not valid IPv6 syntax.
Answer: B
100% Ensurepass Free Download!
–Download Free Demo:500-285 Demo PDF
100% Ensurepass Free Guaranteed!
–500-285 Dumps
| EnsurePass | ExamCollection | Testking | |
|---|---|---|---|
| Lowest Price Guarantee | Yes | No | No |
| Up-to-Dated | Yes | No | No |
| Real Questions | Yes | No | No |
| Explanation | Yes | No | No |
| PDF VCE | Yes | No | No |
| Free VCE Simulator | Yes | No | No |
| Instant Download | Yes | No | No |
100-105 Dumps VCE PDF
200-105 Dumps VCE PDF
300-101 Dumps VCE PDF
300-115 Dumps VCE PDF
300-135 Dumps VCE PDF
300-320 Dumps VCE PDF
400-101 Dumps VCE PDF
640-911 Dumps VCE PDF
640-916 Dumps VCE PDF
70-410 Dumps VCE PDF
70-411 Dumps VCE PDF
70-412 Dumps VCE PDF
70-413 Dumps VCE PDF
70-414 Dumps VCE PDF
70-417 Dumps VCE PDF
70-461 Dumps VCE PDF
70-462 Dumps VCE PDF
70-463 Dumps VCE PDF
70-464 Dumps VCE PDF
70-465 Dumps VCE PDF
70-480 Dumps VCE PDF
70-483 Dumps VCE PDF
70-486 Dumps VCE PDF
70-487 Dumps VCE PDF
220-901 Dumps VCE PDF
220-902 Dumps VCE PDF
N10-006 Dumps VCE PDF
SY0-401 Dumps VCE PDF