Which type of activity is shown in the Device Trajectory page?
A. the IP addresses of hosts on which a file was seen
B. the activity of the FireAMP console users
C. the hosts that are in the same group as the selected host
D. file creation
Which statement is true about the Device Trajectory feature?
A. It shows where the endpoint devices have moved in your environment by displaying each IP address that a device has had over time.
B. A "plus" sign on the File Trajectory map indicates that you can execute the file inside FireAMP.
C. In the File Trajectory map, you can view the parent process for a file by selecting the infected system.
D. It shows hosts that display Indications of Compromise.
What is the first system that is infected with a particular malware called?
A. Patient Zero
B. Source
C. Infector
D. Carrier
Which action can you take from the Detections/Quarantine screen?
A. Create a policy.
B. Restore the detected file.
C. Run a report.
D. Change computer group membership.
What is the default command-line switch configuration, if you run a connector installation with no parameters?
A.
B.
C.
D.
When you are viewing information about a computer, what is displayed?
A. the type of antivirus software that is installed
B. the internal IP address
C. when the operating system was installed
D. the console settings
Which question should be in your predeployment checklist?
A. How often are backup jobs run?
B. Are any Linux servers being deployed?
C. Who are the users of the hosts on which you will deploy?
D. Which applications are installed on the hosts on which you will deploy?
From the Deployment screen, you can deploy agents via which mechanism?
A. push to client
B. .zip install file
C. user download from Sourcefire website or email
D. precompiled RPM package
Which statement represents a best practice for deploying on Windows servers?
A. You should treat Windows servers like any other host in the deployment.
B. You should obtain the Microsoft TechNet article that describes the proper exclusions for Windows servers.
C. You should never configure exclusions for Windows servers.
D. You should deploy FireAMP connectors only alongside existing antivirus software on Windows servers.
Incident responders use which policy mode for outbreak control?
A. Audit
B. Protect
C. Triage
D. Emergency
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 500-275 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.