Exam Code: 500-275 (Practice Exam Latest Test Questions VCE PDF)
Exam Name: SSFAMP Securing Cisco Networks with Sourcefire FireAMP Endpoints
Certification Provider: Cisco
Free Today! Guaranteed Training- Pass 500-275 Exam.
2026 New 500-275 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/500-275/
Q1. Which action can you take from the Detections/Quarantine screen?
A. Create a policy.
B. Restore the detected file.
C. Run a report.
D. Change computer group membership.
Answer: B
Q2. What is a valid data source for DFC Windows connector policy configuration?
A. SANS
B. NIST
C. Emerging Threats
D. Custom and Sourcefire
Answer: D
Q3. The FireAMP connector monitors the system for which type of activity?
A. vulnerabilities
B. enforcement of usage policies
C. file operations
D. authentication activity
Answer: C
Q4. Which option represents a configuration step on first use?
A. Verify, Contain, and Protect
B. User Account Setup
C. System Defaults Configuration
D. Event Filtering
Answer: A
Q5. Which set of actions would you take to create a simple custom detection?
A. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
B. Upload a packet capture; use a Snort rule; use a ClamAV rule.
C. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
D. Input the file and file name.
Answer: A
Q6. Which question should be in your predeployment checklist?
A. How often are backup jobs run?
B. Are any Linux servers being deployed?
C. Who are the users of the hosts on which you will deploy?
D. Which applications are installed on the hosts on which you will deploy?
Answer: D