500-285 Online Practice Questions and Answers

Which option is true regarding the $HOME_NET variable?

A. is a policy-level variable

B. has a default value of "all"

C. defines the network the active policy protects

D. is used by all rules to define the internal network

Which option is one of the three methods of updating the IP addresses in Sourcefire Security Intelligence?

A. subscribe to a URL intelligence feed

B. subscribe to a VRT

C. upload a list that you create

D. automatically upload lists from a network share

How do you configure URL filtering?

A. Add blocked URLs to the global blacklist.

B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.

C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.

D. Create a variable.

When you are editing an intrusion policy, how do you know that you have changes?

A. The Commit Changes button is enabled.

B. A system message notifies you.

C. You are prompted to save your changes on every screen refresh.

D. A yellow, triangular icon displays next to the Policy Information option in the navigation panel.

The IP address::/0 is equivalent to which IPv4 address and netmask?

A. 0.0.0.0

B. 0.0.0.0/0

C. 0.0.0.0/24

D. The IP address::/0 is not valid IPv6 syntax.

In addition to the discovery of new hosts, FireSIGHT can also perform which function?

A. block traffic

B. determine which users are involved in monitored connections

C. discover information about users

D. route traffic

Which option can you enter in the Search text box to look for the trajectory of a particular file?

A. the MD5 hash value of the file

B. the SHA-256 hash value of the file

C. the URL of the file

D. the SHA-512 hash value of the file

Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

A. Administrator

B. Intrusion Administrator

C. Maintenance User

D. Database Administrator

The gateway VPN feature supports which deployment types?

A. SSL and HTTPS

B. PPTP and MPLS

C. client and route-based

D. point-to-point, star, and mesh

Which option is a valid whitelist evaluation value?

A. pending

B. violation

C. semi-compliant

D. not-evaluated