
CertBus.com

500-290 Q&As: IPS Express Security for Engineers

Pass Cisco 500-290 Exam with 100% Guarantee. Free Download Real Questions & Answers PDF and VCE file from: http://www.CertBus.com/500-290.html

100% Passing Guarantee, 100% Money Back Assurance

The following Questions and Answers are all newly published by Cisco Official Exam Center



Vendor: Cisco

Exam Code: 500-290

Exam Name: IPS Express Security for Engineers

Version: Demo


100% Real Q&As | 100 Real Pass | CertBus.com

Question Set 1

QUESTION 1
What are the two categories of variables that you can configure in Object Management?
A. System Default Variables and FireSIGHT-Specific Variables
B. System Default Variables and Procedural Variables
C. Default Variables and Custom Variables
D. Policy-Specific Variables and Procedural Variables
Correct Answer: C

QUESTION 2
Which option is true regarding the $HOME_NET variable?
A. is a policy-level variable
B. has a default value of "all"
C. defines the network the active policy protects
D. is used by all rules to define the internal network
Correct Answer: C

QUESTION 3
Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?
A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically upload lists from a network share
Correct Answer: C

QUESTION 4
Which statement is true in regard to the Sourcefire Security Intelligence lists?
A. The global blacklist universally allows all traffic through the managed device.
B. The global whitelist cannot be edited.
C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
D. The Security Intelligence lists cannot be updated.
Correct Answer: C

Contact Us: www.CertBus.com Get Success in Passing Your Certification Exam at first attempt


Question Set 1

QUESTION 1
Which statement is true when adding a network to an access control rule?
A. You can select only source networks.
B. You must have preconfigured the network as an object.
C. You can select the source and destination networks or network groups.
D. You cannot include multiple networks or network groups as sources or destinations.
Correct Answer: C

QUESTION 2
Which option is true when configuring an access control rule?
A. You can use geolocation criteria to specify source IP addresses by country and continent, as well as destination IP addresses by country and continent.
B. You can use geolocation criteria to specify destination IP addresses by country but not source IP addresses.
C. You can use geolocation criteria to specify source and destination IP addresses by country but not by continent.
D. You can use geolocation criteria to specify source and destination IP addresses by continent but not by country.
Correct Answer: A

QUESTION 3
How do you configure URL filtering?
A. Add blocked URLs to the global blacklist.
B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.
C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.
D. Create a variable.
Correct Answer: C

QUESTION 4
When adding source and destination ports in the Ports tab of the access control policy rule editor, which restriction is in place?
A. The protocol is restricted to TCP only.
B. The protocol is restricted to UDP only.
C. The protocol is restricted to TCP or UDP.
D. The protocol is restricted to TCP and UDP.
Correct Answer: C

QUESTION 5
Access control policy rules can be configured to block based on the conditions that you specify in each rule. Which behavior block response do you use if you want to deny and reset the connection of HTTP traffic that meets the conditions of the access control rule?
A. interactive block with reset
B. interactive block
C. block
D. block with reset
Correct Answer: D

QUESTION 6
Which option transmits policy-based alerts such as SNMP and syslog?
A. the Defense Center
B. FireSIGHT
C. the managed device
D. the host
Correct Answer: C



Question Set 1

QUESTION 1
One of the goals of geolocation is to identify which option?
A. the location of any IP address
B. the location of a MAC address
C. the location of a TCP connection
D. the location of a routable IP address
Correct Answer: D

QUESTION 2
Which option is not a characteristic of dashboard widgets or Context Explorer?
A. Context Explorer is a tool used primarily by analysts looking for trends across varying periods of time.
B. Context Explorer can be added as a widget to a dashboard.
C. Widgets offer users an at-a-glance view of their environment.
D. Widgets are offered to all users, whereas Context Explorer is limited to a few roles.
Correct Answer: B

QUESTION 3
Which option is true of the Packet Information portion of the Packet View screen?
A. provides a table view of events
B. allows you to download a PCAP formatted file of the session that triggered the event
C. displays packet data in a format based on TCP/IP layers
D. shows you the user that triggered the event
Correct Answer: C



Question Set 1

QUESTION 1
When you are editing an intrusion policy, how do you know that you have changes?
A. The Commit Changes button is enabled.
B. A system message notifies you.
C. You are prompted to save your changes on every screen refresh.
D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.
Correct Answer: D

QUESTION 2
Which option is used to implement suppression in the Rule Management user interface?
A. Rule Category
B. Global
C. Source
D. Protocol
Correct Answer: C

QUESTION 3
FireSIGHT recommendations appear in which layer of the Policy Layers page?
A. Layer Summary
B. User Layers
C. Built-In Layers
D. FireSIGHT recommendations do not show up as a layer.
Correct Answer: C



Question Set 1

QUESTION 1
Host criticality is an example of which option?
A. a default whitelist
B. a default traffic profile
C. a host attribute
D. a correlation policy
Correct Answer: C

QUESTION 2
FireSIGHT uses three primary types of detection to understand the environment in which it is deployed. Which option is one of the detection types?
A. protocol layer
B. application
C. objects
D. devices
Correct Answer: B

QUESTION 3
When configuring FireSIGHT detection, an administrator would create a network discovery policy and set the action to "discover". Which option is a possible type of discovery?
A. host
B. IPS event
C. anti-malware
D. networks
Correct Answer: A

QUESTION 4
Which option is derived from the discovery component of FireSIGHT technology?
A. connection event table view
B. network profile
C. host profile
D. authentication objects
Correct Answer: C

QUESTION 5
The IP address ::/0 is equivalent to which IPv4 address and netmask?
A. 0.0.0.0
B. 0.0.0.0/0
C. 0.0.0.0/24
D. The IP address ::/0 is not valid IPv6 syntax.
Correct Answer: B

QUESTION 6
In addition to the discovery of new hosts, FireSIGHT can also perform which function?
A. block traffic




All trademarks are the property of their respective owners. Copyright © 2004-2015, All Rights Reserved.

