500-290 Exam Details

  • Exam Code
    :500-290
  • Exam Name
    :IPS Express Security for Engineers
  • Certification
    :Cisco Certifications
  • Vendor
    :Cisco
  • Total Questions
    :60 Q&As
  • Last Updated
    :Dec 09, 2021

Cisco 500-290 Online Questions & Answers

  • Question 41:

    Correlation policy rules allow you to construct criteria for alerting on very specific conditions. Which option is an example of such a rule?

    A. testing password strength when accessing an application
    B. limiting general user access to administrative file shares
    C. enforcing two-factor authentication for access to critical servers
    D. issuing an alert if a noncompliant operating system is detected or if a host operating system changes to a noncompliant operating system when it was previously profiled as a compliant one

  • Question 42:

    Which policy controls malware blocking configuration?

    A. file policy
    B. malware policy
    C. access control policy
    D. IPS policy

  • Question 43:

    Which statement represents detection capabilities of the HTTP preprocessor?

    A. You can configure it to blacklist known bad web servers.
    B. You can configure it to normalize cookies in HTTP headers.
    C. You can configure it to normalize image content types.
    D. You can configure it to whitelist specific servers.

  • Question 44:

    The IP address::/0 is equivalent to which IPv4 address and netmask?

    A. 0.0.0.0
    B. 0.0.0.0/0
    C. 0.0.0.0/24
    D. The IP address::/0 is not valid IPv6 syntax.

  • Question 45:

    FireSIGHT uses three primary types of detection to understand the environment in which it is deployed. Which option is one of the detection types?

    A. protocol layer
    B. application
    C. objects
    D. devices

  • Question 46:

    FireSIGHT recommendations appear in which layer of the Policy Layers page?

    A. Layer Summary
    B. User Layers
    C. Built-In Layers
    D. FireSIGHT recommendations do not show up as a layer.

  • Question 47:

    What does the whitelist attribute value "not evaluated" indicate?

    A. The host is not a target of the whitelist.
    B. The host could not be evaluated because no profile exists for it.
    C. The whitelist status could not be updated because the correlation policy it belongs to is not enabled.
    D. The host is not on a monitored network segment.

  • Question 48:

    Which option transmits policy-based alerts such as SNMP and syslog?

    A. the Defense Center
    B. FireSIGHT
    C. the managed device
    D. the host

  • Question 49:

    How do you configure URL filtering?

    A. Add blocked URLs to the global blacklist.
    B. Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.
    C. Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.
    D. Create a variable.

  • Question 50:

    Which Sourcefire feature allows you to send traffic directly through the device without inspecting it?

    A. fast-path rules
    B. thresholds or suppressions
    C. blacklist
    D. automatic application bypass

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Cisco exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 500-290 exam preparations and Cisco certification application, do not hesitate to visit our Vcedump.com to find your solutions here.