1. Home
  2. Cisco
  3. 500-285

Securing Cisco Networks with Sourcefire Intrusion Prevention System

Exam Details

  • Exam Code
    :500-285
  • Exam Name
    :Securing Cisco Networks with Sourcefire Intrusion Prevention System
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :60 Q&As
  • Last Updated
    :Mar 23, 2025

Cisco Cisco Certifications 500-285 Questions & Answers

  • Question 11:

    Correlation policy rules allow you to construct criteria for alerting on very specific conditions. Which option is an example of such a rule?

    A. testing password strength when accessing an application

    B. limiting general user access to administrative file shares

    C. enforcing two-factor authentication for access to critical servers

    D. issuing an alert if a noncompliant operating system is detected or if a host operating system changes to a noncompliant operating system when it was previously profiled as a compliant one

  • Question 12:

    Which option is a valid whitelist evaluation value?

    A. pending

    B. violation

    C. semi-compliant

    D. not-evaluated

  • Question 13:

    Stacking allows a primary device to utilize which resources of secondary devices?

    A. interfaces, CPUs, and memory

    B. CPUs and memory

    C. interfaces, CPUs, memory, and storage

    D. interfaces and storage

  • Question 14:

    Which interface type allows for bypass mode?

    A. inline

    B. switched

    C. routed

    D. grouped

  • Question 15:

    Which interface type allows for VLAN tagging?

    A. inline

    B. switched

    C. high-availability link

    D. passive

  • Question 16:

    The gateway VPN feature supports which deployment types?

    A. SSL and HTTPS

    B. PPTP and MPLS

    C. client and route-based

    D. point-to-point, star, and mesh

  • Question 17:

    Which statement is true concerning static NAT?

    A. Static NAT supports only TCP traffic.

    B. Static NAT is normally deployed for outbound traffic only.

    C. Static NAT provides a one-to-one mapping between IP addresses.

    D. Static NAT provides a many-to-one mapping between IP addresses.

  • Question 18:

    Which Sourcefire feature allows you to send traffic directly through the device without inspecting it?

    A. fast-path rules

    B. thresholds or suppressions

    C. blacklist

    D. automatic application bypass

  • Question 19:

    Which mechanism should be used to write an IPS rule that focuses on the client or server side of a TCP communication?

    A. the directional operator in the rule header

    B. the "flow" rule option

    C. specification of the source and destination ports in the rule header

    D. The detection engine evaluates all sides of a TCP communication regardless of the rule options.

  • Question 20:

    When configuring an LDAP authentication object, which server type is available?

    A. Microsoft Active Directory

    B. Yahoo

    C. Oracle

    D. SMTP

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 500-285 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.