Your success in Cisco 500-285 is our sole target and we develop all our 500-285 braindumps in a way that facilitates the attainment of this target. Not only is our 500-285 study material the best you can find, it is also the most detailed and the most updated. 500-285 Practice Exams for Cisco 500-285 are written to the highest standards of technical accuracy.
2026 New 500-285 Exam Dumps with PDF and VCE Free: https://www.2passeasy.com/dumps/500-285/
Q1. Which statement is true when network traffic meets the criteria specified in a correlation rule?
A. Nothing happens, because you cannot assign a group of rules to a correlation policy.
B. The network traffic is blocked.
C. The Defense Center generates a correlation event and initiates any configured responses.
D. An event is logged to the Correlation Policy Management table.
Answer: C
Q2. Which option is true when configuring an access control rule?
A. You can use geolocation criteria to specify source IP addresses by country and continent, as well as destination IP addresses by country and continent.
B. You can use geolocation criteria to specify destination IP addresses by country but not source IP addresses.
C. You can use geolocation criteria to specify source and destination IP addresses by country but not by continent.
D. You can use geolocation criteria to specify source and destination IP addresses by continent but not by country.
Answer: A
Q3. A one-to-many type of scan, in which an attacker uses a single host to scan a single port on multiple target hosts, indicates which port scan type?
A. port scan
B. portsweep
C. decoy port scan
D. ACK scan
Answer: B
Q4. The collection of health modules and their settings is known as which option?
A. appliance policy
B. system policy
C. correlation policy
D. health policy
Answer: D
Q5. Alert priority is established in which way?
A. event classification
B. priority.conf file
C. host criticality selection
D. through Context Explorer
Answer: A
Q6. Which option is true regarding the $HOME_NET variable?
A. is a policy-level variable
B. has a default value of "all"
C. defines the network the active policy protects
D. is used by all rules to define the internal network
Answer: C
Q7. Remote access to the Defense Center database has which characteristic?
A. read/write
B. read-only
C. Postgres
D. eStreamer
Answer: B
Q8. What is the maximum timeout value for a browser session?
A. 60 minutes
B. 120 minutes
C. 1024 minutes
D. 1440 minutes
Answer: D
Q9. Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?
A. subscribe to a URL intelligence feed
B. subscribe to a VRT
C. upload a list that you create
D. automatically upload lists from a network share
Answer: C
Q10. Which option is derived from the discovery component of FireSIGHT technology?
A. connection event table view
B. network profile
C. host profile
D. authentication objects
Answer: C