[Free] Download New Latest (November 2016) Cisco 500-275 Real Exam 11-20

By | November 3, 2016

Ensurepass

QUESTION 11

Custom white lists are used for which purpose?

 

A.

to specify which files to alert on

B.

to specify which files to delete

C.

to specify which files to ignore

D.

to specify which files to sandbox

 

Correct Answer: C

 

 

QUESTION 12

How does application blocking enhance security?

 

A.

It identifies and logs usage.

B.

It tracks application abuse.

C.

It deletes identified applications.

D.

It blocks vulnerable applications from running, until they are patched.

 

Correct Answer: D

 

 

QUESTION 13

Which set of actions would you take to create a simple custom detection?

 

A.

Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.

B.

Upload a packet capture; use a Snort rule; use a ClamAV rule.

C.

Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.

D.

Input the file and file name.

 

Correct Answer: A

 

 

QUESTION 14

Advanced custom signatures are written using which type of syntax?

 

A.

Snort signatures

B.

Firewall signatures

C.

ClamAV signatures

D.

bash shell

 

Correct Answer: C

 

 

 

 

QUESTION 15

What is a valid data source for DFC Windows connector policy configuraton?

 

A.

SANS

B.

NIST

C.

Emerging Threats

D.

Custom and Sourcefire

 

Correct Answer: D

 

 

QUESTION 16

The Update Window allows you to perform which action?

 

A.

identify which hosts need to be updated

B.

email the user to download a new client

C.

specify a timeframe when an upgrade can be started and stopped

D.

update your cloud instance

 

Correct Answer: C

 

 

QUESTION 17

The FireAMP connector supports which proxy type?

 

A.

SOCKS6

B.

HTTP_proxy

C.

SOCKS5_filename

D.

SOCKS7

 

Correct Answer: B

 

 

QUESTION 18

What do policies enable you to do?

 

A.

specify a custom white list

B.

specify group membership

C.

specify hosts to include in reports

D.

specify which events to view

 

Correct Answer: A

 

 

QUESTION 19

What is the default clean disposition cache setting?

 

A.

3600

B.

604800

C.

10080

D.

1 hour

 

Correct Answer: B

QUESTION 20

Which statement represents a best practice for deploying on Windows servers?

 

A.

You should treat Windows servers like any other host in the deployment.

B.

You should obtain the Microsof TechNet article that describes the proper exclusions for Windows servers.

C.

You should never configure exclusions for Windows servers.

D.

You should deploy FireAMP connectors only alongside existing antivirus software on Windows servers.

 

Correct Answer: B

 

Free VCE & PDF File for Cisco 500-275 Real Exam

Instant Access to Free VCE Files: CCNA | CCNP | CCIE …
Instant Access to Free PDF Files: CCNA | CCNP | CCIE …