Cisco 500-290 Dumps

Exam: IPS Express Security for Engineers

Cisco 500-290 Exam Tutorial

Showing 1-20 of 60 Questions   (Page 1 out of 3)


Question No : 1

When you are editing an intrusion policy, how do you know that you have changes?

A. The Commit Changes button is enabled.
B. A system message notifies you.
C. You are prompted to save your changes on every screen refresh.
D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.


Question No : 2

Which statement is true regarding malware blocking over HTTP?

A. It can be done only in the download direction.
B. It can be done only in the upload direction.
C. It can be done in both the download and upload direction.
D. HTTP is not a supported protocol for malware blocking.


Question No : 3

What is the maximum timeout value for a browser session?

A. 60 minutes
B. 120 minutes
C. 1024 minutes
D. 1440 minutes


Question No : 4

Cisco FireSIGHT can provide visibility into which three types of information that competing products cannot? (Choose three.)

A. client-side applications
B. viruses
C. DoS attacks
D. mobile devices
E. database queries
F. VM communications


Question No : 5

Controlling simultaneous connections is a feature of which type of preprocessor?

A. rate-based attack prevention
B. detection enhancement
C. TCP and network layer preprocessors
D. performance settings


Question No : 6

Which interface type allows for VLAN tagging?

A. inline
B. switched
C. high-availability link
D. passive


Question No : 7

Which statement is true when adding a network to an access control rule?

A. You can select only source networks.
B. You must have preconfigured the network as an object.
C. You can select the source and destination networks or network groups.
D. You cannot include multiple networks or network groups as sources or destinations.


Question No : 8

FireSIGHT recommendations appear in which layer of the Policy Layers page?

A. Layer Summary
B. User Layers
C. Built-In Layers
D. FireSIGHT recommendations do not show up as a layer.


Question No : 9

Which option is true when configuring an access control rule?

A. You can use geolocation criteria to specify source IP addresses by country and continent, as well as destination IP addresses by country and continent.
B. You can use geolocation criteria to specify destination IP addresses by country but not source IP addresses.
C. You can use geolocation criteria to specify source and destination IP addresses by country but not by continent.
D. You can use geolocation criteria to specify source and destination IP addresses by continent but not by country.


Question No : 10

According to Gartner, which criteria distinguish a next-generation IPS?

A. Agile Security engine, VPN, and context awareness
B. firewall capabilities, full-stack visibility, and content awareness
C. content awareness, contextual awareness, and Agile Security engine
D. full-stack visibility, contextual awareness, and network access control


Question No : 11

Context Explorer can be accessed by a subset of user roles. Which predefined user role is not valid for FireSIGHT event access?

A. Administrator
B. Intrusion Administrator
C. Security Analyst
D. Security Analyst (Read-Only)


Question No : 12

In addition to the discovery of new hosts, FireSIGHT can also perform which function?

A. block traffic
B. determine which users are involved in monitored connections
C. discover information about users
D. route traffic


Question No : 13

A user discovery agent can be installed on which platform?

A. OpenLDAP
B. Windows
C. RADIUS
D. Ubuntu


Question No : 14

Access control policy rules can be configured to block based on the conditions that you specify in each rule. Which behavior block response do you use if you want to deny and reset the connection of HTTP traffic that meets the conditions of the access control rule?

A. interactive block with reset
B. interactive block
C. block
D. block with reset


Question No : 15

Which option is used to implement suppression in the Rule Management user interface?

A. Rule Category
B. Global
C. Source
D. Protocol


Question No : 16

The IP address ::/0 is equivalent to which IPv4 address and netmask?

A. 0.0.0.0
B. 0.0.0.0/0
C. 0.0.0.0/24
D. The IP address ::/0 is not valid IPv6 syntax.


Question No : 17

Host criticality is an example of which option?

A. a default whitelist
B. a default traffic profile
C. a host attribute
D. a correlation policy


Question No : 18

Which Cisco AMP deployment would you recommend for advanced customers that want comprehensive threat protection, investigation, and response?

A. trajectory
B. AMP for MX
C. AMP for Networks
D. AMP for VPN


Question No : 19

Which statement describes the meaning of a red health status icon?

A. A critical threshold has been exceeded.
B. At least one health module has failed.
C. A health policy has been disabled on a monitored device.
D. A warning threshold has been exceeded.


Question No : 20

Which option can you enter in the Search text box to look for the trajectory of a particular file?

A. the MD5 hash value of the file
B. the SHA-256 hash value of the file
C. the URL of the file
D. the SHA-512 hash value of the file

