Cisco 500-285 - Securing Cisco Networks with Sourcefire IPS Exam

Page:    1 / 12   
Total 60 questions

Which statement is true in regard to the Sourcefire Security Intelligence lists?

  • A. The global blacklist universally allows all traffic through the managed device.
  • B. The global whitelist cannot be edited.
  • C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
  • D. The Security Intelligence lists cannot be updated.


Answer : C

Which option is true regarding the $HOME_NET variable?

  • A. is a policy-level variable
  • B. has a default value of "all"
  • C. defines the network the active policy protects
  • D. is used by all rules to define the internal network


Answer : C

What are the two categories of variables that you can configure in Object Management?

  • A. System Default Variables and FireSIGHT-Specific Variables
  • B. System Default Variables and Procedural Variables
  • C. Default Variables and Custom Variables
  • D. Policy-Specific Variables and Procedural Variables


Answer : C

Which option is one of the three methods of updating the IP addresses in Sourcefire
Security Intelligence?
A. subscribe to a URL intelligence feed

B. subscribe to a VRT -
C. upload a list that you create
D. automatically upload lists from a network share



Answer : C Topic 2, Access Control Policy

When adding source and destination ports in the Ports tab of the access control policy rule editor, which restriction is in place?

  • A. The protocol is restricted to TCP only.
  • B. The protocol is restricted to UDP only.
  • C. The protocol is restricted to TCP or UDP.
  • D. The protocol is restricted to TCP and UDP.


Answer : C

Page:    1 / 12   
Total 60 questions