
500-285 Securing Cisco Networks with Sourcefire IPS Questions and Answers

Questions 4

Which option is a remediation module that comes with the Sourcefire System?

Options:

A. Cisco IOS Null Route

B. Syslog Route

C. Nmap Route Scan

D. Response Group

Questions 5

Remote access to the Defense Center database has which characteristic?

Options:

A. read/write

B. read-only

C. Postgres

D. Estreamer

Questions 6

Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

Options:

A. Administrator

B. Intrusion Administrator

C. Maintenance User

D. Database Administrator

Questions 7

Which statement describes the meaning of a red health status icon?

Options:

A. A critical threshold has been exceeded.

B. At least one health module has failed.

C. A health policy has been disabled on a monitored device.

D. A warning threshold has been exceeded.

Questions 8

Context Explorer can be accessed by a subset of user roles. Which predefined user role is not valid for FireSIGHT event access?

Options:

A. Administrator

B. Intrusion Administrator

C. Security Analyst

D. Security Analyst (Read-Only)

Questions 9

FireSIGHT recommendations appear in which layer of the Policy Layers page?

Options:

A. Layer Summary

B. User Layers

C. Built-In Layers

D. FireSIGHT recommendations do not show up as a layer.

Questions 10

When you are editing an intrusion policy, how do you know that you have changes?

Options:

A. The Commit Changes button is enabled.

B. A system message notifies you.

C. You are prompted to save your changes on every screen refresh.

D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.

Questions 11

Which Sourcefire feature allows you to send traffic directly through the device without inspecting it?

Options:

A. fast-path rules

B. thresholds or suppressions

C. blacklist

D. automatic application bypass

Questions 12

Which interface type allows for bypass mode?

Options:

A. inline

B. switched

C. routed

D. grouped

Questions 13

Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?

Options:

A. subscribe to a URL intelligence feed

B. subscribe to a VRT

C. upload a list that you create

D. automatically upload lists from a network share

Questions 14

What are the two categories of variables that you can configure in Object Management?

Options:

A. System Default Variables and FireSIGHT-Specific Variables

B. System Default Variables and Procedural Variables

C. Default Variables and Custom Variables

D. Policy-Specific Variables and Procedural Variables

Questions 15

Suppose an administrator is configuring an IPS policy and attempts to enable intrusion rules that require the operation of the TCP stream preprocessor, but the TCP stream preprocessor is turned off. Which statement is true in this situation?

Options:

A. The administrator can save the IPS policy with the TCP stream preprocessor turned off, but the rules requiring its operation will not function properly.

B. When the administrator enables the rules and then attempts to save the IPS policy, the administrator will be prompted to accept that the TCP stream preprocessor will be turned on for the IPS policy.

C. The administrator will be prevented from changing the rule state of the rules that require the TCP stream preprocessor until the TCP stream preprocessor is enabled.

D. When the administrator enables the rules and then attempts to save the IPS policy, the administrator will be prompted to accept that the rules that require the TCP stream preprocessor will be turned off for the IPS policy.

Questions 16

Which statement represents detection capabilities of the HTTP preprocessor?

Options:

A. You can configure it to blacklist known bad web servers.

B. You can configure it to normalize cookies in HTTP headers.

C. You can configure it to normalize image content types.

D. You can configure it to whitelist specific servers.

Questions 17

Other than navigating to the Network File Trajectory page for a file, which option is an alternative way of accessing the network trajectory of a file?

Options:

A. from Context Explorer

B. from the Analysis menu

C. from the cloud

D. from the Defense Center

Questions 18

Which option can you enter in the Search text box to look for the trajectory of a particular file?

Options:

A. the MD5 hash value of the file

B. the SHA-256 hash value of the file

C. the URL of the file

D. the SHA-512 hash value of the file

Exam Code: 500-285
Exam Name: Securing Cisco Networks with Sourcefire IPS
Last Update: Apr 30, 2026
Questions: 60
