500-285 Exam Details

  • Exam Code
    :500-285
  • Exam Name
    :Securing Cisco Networks with Sourcefire Intrusion Prevention System
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :60 Q&As
  • Last Updated
    :Jul 09, 2026

Cisco 500-285 Online Questions & Answers

  • Question 1:

    Which policy controls malware blocking configuration?

    A. file policy
    B. malware policy
    C. access control policy
    D. IPS policy

  • Question 2:

    The gateway VPN feature supports which deployment types?

    A. SSL and HTTPS
    B. PPTP and MPLS
    C. client and route-based
    D. point-to-point, star, and mesh

  • Question 3:

    Which statement is true regarding malware blocking over HTTP?

    A. It can be done only in the download direction.
    B. It can be done only in the upload direction.
    C. It can be done in both the download and upload direction.
    D. HTTP is not a supported protocol for malware blocking.

  • Question 4:

    Which option describes Spero file analysis?

    A. a method of analyzing the SHA-256 hash of a file to determine whether a file is malicious or not
    B. a method of analyzing the entire contents of a file to determine whether it is malicious or not
    C. a method of analyzing certain file characteristics, such as metadata and header information, to determine whether a file is malicious or not
    D. a method of analyzing a file by executing it in a sandbox environment and observing its behaviors to determine if it is malicious or not

  • Question 5:

    Which event source can have a default workflow configured?

    A. user events
    B. discovery events
    C. server events
    D. connection events

  • Question 6:

    A context box opens when you click on an event icon in the Network File Trajectory map for a file. Which option is an element of the box?

    A. Scan
    B. Application Protocol
    C. Threat Name
    D. File Name

  • Question 7:

    Which option is a remediation module that comes with the Sourcefire System?

    A. Cisco IOS Null Route
    B. Syslog Route
    C. Nmap Route Scan
    D. Response Group

  • Question 8:

    A user discovery agent can be installed on which platform?

    A. OpenLDAP
    B. Windows
    C. RADIUS
    D. Ubuntu

  • Question 9:

    Correlation policy rules allow you to construct criteria for alerting on very specific conditions. Which option is an example of such a rule?

    A. testing password strength when accessing an application
    B. limiting general user access to administrative file shares
    C. enforcing two-factor authentication for access to critical servers
    D. issuing an alert if a noncompliant operating system is detected or if a host operating system changes to a noncompliant operating system when it was previously profiled as a compliant one

  • Question 10:

    The collection of health modules and their settings is known as which option?

    A. appliance policy
    B. system policy
    C. correlation policy
    D. health policy

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 500-285 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.