Exam Code: 500-275
Exam Name: Securing Cisco Networks with Sourcefire FireAMP Endpoints
Lead2pass has updated the 500-275 brain dumps recently, Download the free demo in PDF on our website, it would be great help for your Cisco 500-275 exam.
Custom whitelists are used for which purpose?
A. to specify which files to alert on
B. to specify which files to delete
C. to specify which files to ignore
D. to specify which files to sandbox
How does application blocking enhance security?
A. It identifies and logs usage.
B. It tracks application abuse.
C. It deletes identified applications.
D. It blocks vulnerable applications from running, until they are patched.
Which set of actions would you take to create a simple custom detection?
A. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
B. Upload a packet capture; use a Snort rule; use a ClamAV rule.
C. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
D. Input the file and file name.
Advanced custom signatures are written using which type of syntax?
A. Snort signatures
B. Firewall signatures
C. ClamAV signatures
D. bash shell
What is a valid data source for DFC Windows connector policy configuration?
C. Emerging Threats
D. Custom and Sourcefire
The Update Window allows you to perform which action?
A. identify which hosts need to be updated
B. email the user to download a new client
C. specify a timeframe when an upgrade can be started and stopped
D. update your cloud instance
The FireAMP connector supports which proxy type?
What do policies enable you to do?
A. specify a custom whitelist
B. specify group membership
C. specify hosts to include in reports
D. specify which events to view
What is the default clean disposition cache setting?
D. 1 hour
If you want to get more 500-275 exam preparation material,you can download the free demos in PDF files on Lead2pass.It would be great help for you exam.Wish you pass the exam successfully.