Cisco 500-275 practice test

Securing Cisco Networks with Sourcefire FireAMP Endpoints


Question 1 Topic 9

Which FireAMP capability can tell you how malware has spread in a network?

  • A. File Analysis
  • B. Threat Root Cause
  • C. File Trajectory
  • D. Heat Map
Answer:

C


Question 2 Topic 9

Where does an administrator go to get a copy of a fetched file?

  • A. the Business Defaults page
  • B. the File menu, followed by Downloads
  • C. the File Repository
  • D. the Search selection in the Analysis menu
Answer:

C


Question 3 Topic 9

Where is the File Fetch context menu option available?

  • A. anywhere a filename or SHA-256 hash is displayed
  • B. only from the Filter Event View page
  • C. from the Audit Event page
  • D. from the configuration in the Business Defaults page
Answer:

A


Question 4 Topic 9

Which option describes a requirement for using Remote File Fetch?

  • A. It must be done from a private cloud console.
  • B. It can be done only over port 32137.
  • C. The administrator must have two-step authentication enabled.
  • D. The feature is integrated into the product, so no specific requirements must be fulfilled.
Answer:

C


Question 5 Topic 9

Which option represents a configuration step on first use?

  • A. Verify, Contain, and Protect
  • B. User Account Setup
  • C. System Defaults Configuration
  • D. Event Filtering
Answer:

A


Question 6 Topic 8

Which tool can you use to query the history.db file?
  • A. Curl
  • B. FireAMP_Helper.vbs
  • C. cscript
  • D. SQLite

Answer:

D
Topic 9, Console Interface


Question 7 Topic 8

Which pair represents equivalent processes whose names differ, depending on the connector version that you are running?

  • A. immunet_protect and iptray
  • B. agent.exe and sfc.exe
  • C. TETRA and SPERO
  • D. ETHOS and SPERO
Answer:

B


Question 8 Topic 8

When a user initiates a scan, which types of scan are available as options?

  • A. scheduled scan, thorough scan, quick scan, network scan
  • B. jiffy scan, overnight scan, scan when available, vulnerability scan
  • C. flash scan, custom scan, full scan
  • D. none, because user-initiated scans are not allowed
Answer:

C


Question 9 Topic 7

Which of these can you use for two-step authentication?
  • A. the Apple Authenticator app
  • B. the Google Authenticator app
  • C. a SecurID token
  • D. any RFC 1918 compatible application

Answer:

B
Topic 8, FireAMP Connector


Question 10 Topic 7

Which statement about two-step authentication is true?

  • A. It is the ability to use two separate passwords.
  • B. It is the ability to enable biometric authentication.
  • C. It is the ability to have a passphrase sent to a mobile device.
  • D. It is the ability to use a verification code in conjunction with the correct username and password.
Answer:

D
