[Full Version] 2017 Exam 500-290 Dumps From Lead2pass Cover All New 500-290 New Questions (31-40)

2017 February Cisco Official New Released 500-290 Dumps in Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

The Cisco 500-290 PDF, 500-290 VCE and 500-290 exam questions and answers at Lead2pass are written and prepared by Cisco affiliated trainers and lecturers with decades of experience in the IT field. This ensures that you are equipped with the latest and most current information to give you a better chance of passing the Cisco 500-290 exam.

Following questions and answers are all new published by Cisco Official Exam Center: http://www.lead2pass.com/500-290.html

QUESTION 31
Which statement is true in regard to the Sourcefire Security Intelligence lists?

A.    The global blacklist universally allows all traffic through the managed device.
B.    The global whitelist cannot be edited.
C.    IP addresses can be added to the global blacklist by clicking on interactive graphs in Context Explorer.
D.    The Security Intelligence lists cannot be updated.

Answer: C

QUESTION 32
Which statement is true when adding a network to an access control rule?

A.    You can select only source networks.
B.    You must have preconfigured the network as an object.
C.    You can select the source and destination networks or network groups.
D.    You cannot include multiple networks or network groups as sources or destinations.

Answer: C

QUESTION 33
Which option is true when configuring an access control rule?

A.    You can use geolocation criteria to specify source IP addresses by country and continent, as well as destination IP addresses by country and continent.
B.    You can use geolocation criteria to specify destination IP addresses by country but not source IP addresses.
C.    You can use geolocation criteria to specify source and destination IP addresses by country but not by continent.
D.    You can use geolocation criteria to specify source and destination IP addresses by continent but not by country.

Answer: A

QUESTION 34
How do you configure URL filtering?

A.    Add blocked URLs to the global blacklist.
B.    Create a Security Intelligence object that contains the blocked URLs and add the object to the access control policy.
C.    Create an access control rule and, on the URLs tab, select the URLs or URL categories that are to be blocked or allowed.
D.    Create a variable.

Answer: C

QUESTION 35
Which statement describes the meaning of a red health status icon?

A.    A critical threshold has been exceeded.
B.    At least one health module has failed.
C.    A health policy has been disabled on a monitored device.
D.    A warning threshold has been exceeded.

Answer: A

QUESTION 36
Context Explorer can be accessed by a subset of user roles. Which predefined user role is not valid for FireSIGHT event access?

A.    Administrator
B.    Intrusion Administrator
C.    Security Analyst
D.    Security Analyst (Read-Only)

Answer: B

QUESTION 37
Context Explorer can be accessed by a subset of user roles. Which predefined user role is valid for FireSIGHT event access?

A.    Administrator
B.    Intrusion Administrator
C.    Maintenance User
D.    Database Administrator

Answer: A

QUESTION 38
When configuring an LDAP authentication object, which server type is available?

A.    Microsoft Active Directory
B.    Yahoo
C.    Oracle
D.    SMTP

Answer: A

QUESTION 39
Cisco FireSIGHT can provide visibility into which three types of information that competing products cannot? (Choose three.)

A.    client-side applications
B.    viruses
C.    DoS attacks
D.    mobile devices
E.    database queries
F.    VM communications

Answer: ADF

QUESTION 40
When adding source and destination ports in the Ports tab of the access control policy rule editor, which restriction is in place?

A.    The protocol is restricted to TCP only.
B.    The protocol is restricted to UDP only.
C.    The protocol is restricted to TCP or UDP.
D.    The protocol is restricted to TCP and UDP.

Answer: C

Lead2pass guarantees your 500-290 exam success with our exam resources. Our 500-290 braindumps are the latest and developed by experienced IT certification professionals working in today’s prospering companies and data centers. All our 500-290 braindumps include 500-290 real exam questions which guarantee your 100% success of 500-290 exam in your first try.

500-290 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDbVYtOTNZU0FUYTQ

2017 Cisco 500-290 exam dumps (All 70 Q&As) from Lead2pass:

http://www.lead2pass.com/500-290.html [100% Exam Pass Guaranteed]

You may also like