500-290 Exam Questions
70 real 500-290 exam questions with expert-verified answers and explanations. Page 2 of 2.
- Question #51
Which rating is determined by adjusting the risk rating with respect to preventative actions taken by the sensor?
- Question #52
Stacking allows a primary device to utilize which resources of secondary devices?
- Question #53
Which three statements are true with respect to IPS false positives? (Choose three.)
- Question #54
Which Cisco IPS appliance signature engine uses signature events as input to correlate different signatures into a higher level event?
- Question #55
Which application within the Cisco IPS appliance can modify the configurations of other devices on the network?
- Question #56
Which interface type allows for bypass mode?
- Question #57
Which interface type allows for VLAN tagging?
- Question #58
Correlation policy rules allow you to construct criteria for alerting on very specific conditions. Which option is an example of such a rule?
- Question #59
Which option is a valid whitelist evaluation value?
- Question #60
What does the whitelist attribute value "not evaluated" indicate?
- Question #61
Which option describes Spero file analysis?
- Question #62
Which statement is true regarding malware blocking over HTTP?
- Question #63
Which policy controls malware blocking configuration?
- Question #64
What is the maximum timeout value for a browser session?
- Question #65
Which statement regarding user exemptions is true?
- Question #66
Which Cisco IPS appliance feature has the following three potential settings: off, partial, and full?
- Question #67
Which option is not a characteristic of dashboard widgets or Context Explorer?
- Question #68
Which option is true of the Packet Information portion of the Packet View screen?
- Question #69
When you are editing an intrusion policy, how do you know that you have changes?
- Question #70
Which Sourcefire feature allows you to send traffic directly through the device without inspecting it?