[Free] 2018(Mar) Dumps4cert Testinsides Cisco 500-290 Dumps with VCE and PDF 11-20

Author: April 20, 2018

500-290 Latest Exam (Mar 2018)

,

Dumps4cert.com : Latest Dumps with PDF and VCE Files
2018 Mar Cisco Official New Released 500-290
100% Free Download! 100% Pass Guaranteed!
http://www.Dumps4cert.com/500-290.html

Securing Cisco Networks with Sourcefire FireAMP Endpoints

Question No: 11

Custom whitelists are used for which purpose?

  1. to specify which files to alert on

  2. to specify which files to delete

  3. to specify which files to ignore

  4. to specify which files to sandbox

Answer: C

Question No: 12

How does application blocking enhance security?

  1. It identifies and logs usage.

  2. It tracks application abuse.

  3. It deletes identified applications.

  4. It blocks vulnerable applications from running, until they are patched.

Answer: D

Question No: 13

Which set of actions would you take to create a simple custom detection?

  1. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.

  2. Upload a packet capture; use a Snort rule; use a ClamAV rule.

  3. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.

  4. Input the file and file name.

Answer: A

Question No: 14

Advanced custom signatures are written using which type of syntax?

  1. Snort signatures

  2. Firewall signatures

  3. ClamAV signatures

  4. bash shell

Answer: C

Question No: 15

What is a valid data source for DFC Windows connector policy configuration?

  1. SANS

  2. NIST

  3. Emerging Threats

  4. Custom and Sourcefire

Answer: D

Question No: 16

The Update Window allows you to perform which action?

  1. identify which hosts need to be updated

  2. email the user to download a new client

  3. specify a timeframe when an upgrade can be started and stopped

  4. update your cloud instance

Answer: C

Question No: 17

The FireAMP connector supports which proxy type?

  1. SOCKS6

  2. HTTP_proxy

  3. SOCKS5_filename

  4. SOCKS7

Answer: B

Question No: 18

What do policies enable you to do?

  1. specify a custom whitelist

  2. specify group membership

  3. specify hosts to include in reports

  4. specify which events to view

Answer: A

Question No: 19

What is the default clean disposition cache setting?

A. 3600

B. 604800

C. 10080

D. 1 hour

Answer: B

Question No: 20

Which statement represents a best practice for deploying on Windows servers?

  1. You should treat Windows servers like any other host in the deployment.

  2. You should obtain the Microsoft TechNet article that describes the proper exclusions for

    Windows servers.

  3. You should never configure exclusions for Windows servers.

  4. You should deploy FireAMP connectors only alongside existing antivirus software on Windows servers.

Answer: B

100% Dumps4cert Free Download!
Download Free Demo:500-290 Demo PDF
100% Dumps4cert Free Guaranteed!
500-290 Dumps

Dumps4cert ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
PDF VCE Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No