← Back to exam page

500-285 Securing Cisco Networks with Sourcefire IPS

Loading demo links...

Showing 7–9 of 10 questions

Question 7 (FireSIGHT Technologies)

FireSIGHT uses three primary types of detection to understand the environment in which it is deployed. Which option is one of the detection types?

Select an option, then click Submit answer.

  • protocol layer

  • application

  • objects

  • devices
Question 8 (Correlation Policies)

What does the whitelist attribute value "not evaluated" indicate?

Select an option, then click Submit answer.

  • The host is not a target of the whitelist.

  • The host could not be evaluated because no profile exists for it.

  • The whitelist status could not be updated because the correlation policy it belongs to is not enabled.

  • The host is not on a monitored network segment.
Question 9 (FireSIGHT Technologies)

Which option is derived from the discovery component of FireSIGHT technology?

Select an option, then click Submit answer.

  • connection event table view

  • network profile

  • host profile

  • authentication objects