Exam Code: 500-285
Exam Name: Securing Cisco Networks with Sourcefire IPS
Certification Provider: Cisco
Q1. Which event source can have a default workflow configured?
A. user events
B. discovery events
C. server events
D. connection events
Answer: B
Q2. Which option is a valid whitelist evaluation value?
A. pending
B. violation
C. semi-compliant
D. not-evaluated
Answer: D
Q3. Host criticality is an example of which option?
A. a default whitelist
B. a default traffic profile
C. a host attribute
D. a correlation policy
Answer: C
Q4. Stacking allows a primary device to utilize which resources of secondary devices?
A. interfaces, CPUs, and memory
B. CPUs and memory
C. interfaces, CPUs, memory, and storage
D. interfaces and storage
Answer: B
Q5. Which option is derived from the discovery component of FireSIGHT technology?
A. connection event table view
B. network profile
C. host profile
D. authentication objects
Answer: C
Q6. Which option is a remediation module that comes with the Sourcefire System?
A. Cisco IOS Null Route
B. Syslog Route
C. Nmap Route Scan
D. Response Group
Answer: A
Q7. Which statement is true in regard to the Sourcefire Security Intelligence lists?
A. The global blacklist universally allows all traffic through the managed device.
B. The global whitelist cannot be edited.
C. IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
D. The Security Intelligence lists cannot be updated.
Answer: C
Q8. Which statement is true when network traffic meets the criteria specified in a correlation rule?
A. Nothing happens, because you cannot assign a group of rules to a correlation policy.
B. The network traffic is blocked.
C. The Defense Center generates a correlation event and initiates any configured responses.
D. An event is logged to the Correlation Policy Management table.
Answer: C
Q9. What does packet latency thresholding measure?
A. the total elapsed time it takes to process a packet
B. the amount of time it takes for a rule to process
C. the amount of time it takes to process an event
D. the time span between a triggered event and when the packet is dropped
Answer: A
Q10. Which option is not a characteristic of dashboard widgets or Context Explorer?
A. Context Explorer is a tool used primarily by analysts looking for trends across varying periods of time.
B. Context Explorer can be added as a widget to a dashboard.
C. Widgets offer users an at-a-glance view of their environment.
D. Widgets are offered to all users, whereas Context Explorer is limited to a few roles.
Answer: B