
Free Cisco 500-285 Practice Exam with Questions & Answers

Question 1

Remote access to the Defense Center database has which characteristic?

Options:
A. read/write
B. read-only
C. Postgres
D. Estreamer

Question 2

Where do you configure widget properties?

Options:
A. dashboard properties
B. the Widget Properties button in the title bar of each widget
C. the Local Configuration page
D. Context Explorer

Question 3

Which option is true regarding the $HOME_NET variable?

Options:
A. is a policy-level variable
B. has a default value of "all"
C. defines the network the active policy protects
D. is used by all rules to define the internal network

Question 4

What are the two categories of variables that you can configure in Object Management?

Options:
A. System Default Variables and FireSIGHT-Specific Variables
B. System Default Variables and Procedural Variables
C. Default Variables and Custom Variables
D. Policy-Specific Variables and Procedural Variables

Question 5

Which mechanism should be used to write an IPS rule that focuses on the client or server side of a TCP communication?

Options:
A. the directional operator in the rule header
B. the "flow" rule option
C. specification of the source and destination ports in the rule header
D. The detection engine evaluates all sides of a TCP communication regardless of the rule options.

Question 6

Which option describes the two basic components of Sourcefire Snort rules?

Options:
A. preprocessor configurations to define what to do with packets before the detection engine sees them, and detection engine configurations to define exactly how alerting is to take place
B. a rule statement characterized by the message you configure to appear in the alert, and the rule body that contains all of the matching criteria such as source, destination, and protocol
C. a rule header to define source, destination, and protocol, and the output configuration to determine which form of output to produce if the rule triggers
D. a rule body that contains packet-matching criteria or options to define where to look for content in a packet, and a rule header to define matching criteria based on where a packet originates, where it is going, and over which protocol

Question 7

Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

Options:
A. Administrator
B. Intrusion Administrator
C. Maintenance User
D. Database Administrator

Question 8

When configuring an LDAP authentication object, which server type is available?

Options:
A. Microsoft Active Directory
B. Yahoo
C. Oracle
D. SMTP

Question 9

What does the whitelist attribute value "not evaluated" indicate?

Options:
A. The host is not a target of the whitelist.
B. The host could not be evaluated because no profile exists for it.
C. The whitelist status could not be updated because the correlation policy it belongs to is not enabled.
D. The host is not on a monitored network segment.

Question 10

Correlation policy rules allow you to construct criteria for alerting on very specific conditions. Which option is an example of such a rule?

Options:
A. testing password strength when accessing an application
B. limiting general user access to administrative file shares
C. enforcing two-factor authentication for access to critical servers
D. issuing an alert if a noncompliant operating system is detected or if a host operating system changes to a noncompliant operating system when it was previously profiled as a compliant one

Exam Code: 500-285
Certification Provider: Cisco
Exam Name: Securing Cisco Networks with Sourcefire IPS
Last Update: May 13, 2025
Questions: 60