500-260 Exam Questions

An access policy that uses URL reputation values is defined. Which option best describes what happens if a reputation is not available for a URL?

Detection of an exploit kit that is installed on a device is an example of which IoC event category?

A file-type embedded attack is an example of which IoC event category?

Which Cisco SFR feature license is needed to allow a high school security administration to implement a policy to allow student access to only high-reputation websites?

Which Cisco Fire POWER services license must the administrator have to detect and monitor the unauthorized command-and-control network traffic?

Which two Cisco ASA licensing features are correct with Cisco ASA Software Version 8.3 and later? (Choose two.)

Which Cisco ASA CLI command is used to enable HTTPS (Cisco ASDM) access from any inside host on the 10.1.16.0/20 subnet?

Which four unicast or multicast routing protocols are supported by the Cisco ASA appliance? (Choose four.)

Refer to the exhibit. Which Cisco ASA CLI commands configure these static routes in the Cisco ASA routing table?

On the Cisco ASA, tcp-map can be applied to a traffic class using which MPF CLI configuration command?

In one custom dynamic application, the inside client connects to an outside server using TCP port 4444 and negotiates return client traffic in the port range of 5000 to 5500. The s...

Refer to the exhibit. Which traffic is permitted on the inside interface without any interface ACLs configured?

Refer to the exhibit. When the user "contractor" Cisco AnyConnect tunnel is established, what type of Cisco ASA user restrictions are applied to the tunnel?

You are configuring bookmarks for the clientless SSL VPN portal without the use of plug-ins. Which three bookmark types are supported? (Choose three.)

When preconfiguring a Cisco AnyConnect profile for the user group, which file is output by the Cisco AnyConnect profile editor?

Datagram Transport Layer Security (DTLS) was introduced to solve performance issues. Which three are characteristics of DTLS? (Choose three.)

Which three options are characteristics of Web Type ACLs? (Choose three.)

Your IT department needs to run a custom-built TCP application within the clientless SSL VPN tunnel. The network administrator suggests running the smart tunnel application. Which...

When deploying clientless SSL VPN advanced application access, the administrator needs to collect information about the end-user system. Which three input parameters of an end-user...

Which license is required on the Cisco ASA NGFW for an administrator to manage it securely from a remote laptop?

A security administrator suspects that an internal system has been infected by malware and communicates with an external server. Which Cisco ASA NGFW license must the administrator...

In which two ways is the Cisco ASA CWS subscription licensed? (Choose two.)

Which security technique should be implemented to remediate after a threat is discovered?

Which port should be allowed to support communications between Sourcefire User Agent and FireSIGHT Management Center?

Which access policy action should be applied if traffic is to pass without applying any additional inspection?

Which threat score rating is the default value that identifies malware?

What are two benefits that are provided by file trajectory services? (Choose two.)

Refer to the exhibit. Which statement describes the effect of the configuration?

Which option is correct for configuring the SRF for passive, out-of-band traffic evaluation?

An SFR module has been installed in the adaptive security appliance. Which command must be executed on the module to establish connectivity to FireSIGHT Management Center?

Which three policy types are configured using Fire SIGHT Management Center? (Choose three.)

Which application is required to enable Microsoft Active Directory identity integration for FirePOWER services?

Which option best describes the role of an IoC?

Files may be submitted to the cloud-based sandbox for dynamic analysis using which two ports? (Choose two.)

Which two settings are configurable as part of a health policy? (Choose two.)

Which three Fire POWER services features require a subscription license? (Choose three.)

Which impact flag indicates that action is to be taken immediately?

Which three actions are supported by file policies? (Choose three.)

Which statement describes what happens during a file-disposition check for malware?

Which three options are assignable file dispositions? (Choose three.)

On Cisco ASA Software Version 8.3 and later, which two statements correctly describe the NAT table or NAT operations? (Choose two.)

An inside client on the 10.0.0.0/8 network connects to an outside server on the 172.16.0.0/16 network using TCP and the server port of 2001. The inside client negotiates a client p...

When the Cisco ASA appliance is processing packets, which action is performed first?

Refer to the exhibit. Which command enables the stateful failover option?

Which three action ranges are in the NG IPS profile? (Choose three.)

Refer to the exhibit. After a remote user established a Cisco AnyConnect session from a wireless card through the Cisco ASA appliance of a partner to a remote server, the user open...

Refer to the exhibit. A NOC engineer needs to tune some postlogin parameters on an SSL VPN tunnel. From the information shown, where should the engineer navigate to, in order to fi...

The "HTTPS decryption" feature is enabled with the default settings and decryption and IPS policies have been applied to the traffic. Which statement describes what happens when a...

Which three elements are reported in an IPS for NGFW event? (Choose three.)

When establishing a Cisco AnyConnect SSL VPN tunnel, a system administrator wants to restrict remote home office users to either print to their local printer or send the remaining...