Questions for the 500-275 were updated on: Sep 08, 2024
Page 1 out of 4. Viewing questions 1-15 out of 51
Question 1
Topic 1
The FireAMP Mobile endpoint connector currently supports which mobile OS device?
A. Firefox
B. HTML5
C. Android
D. iPhone
Answer:
C
Question 2
Topic 1
Which statement describes an advantage of the FireAMP product?
A. Signatures are pushed to endpoints more quickly than other antivirus products.
B. Superior detection algorithms on the endpoint limit the amount of work the cloud must perform.
C. It provides enterprise visibility.
D. It relies on sandboxing.
Answer:
C
Question 3
Topic 1
Which feature allows retrospective detection?
A. Total Recall
B. Cloud Recall
C. Recall Alert
D. Recall Analysis
Answer:
B
Question 4
Topic 1
Which statement describes an advantage of cloud-based detection?
A. Limited customization allows for faster detection.
B. Fewer resources are required on the endpoint.
C. Sandboxing reduces the overall management overhead of the system.
D. High-speed analytical engines on the endpoint limit the amount of work the cloud must perform.
Answer:
B
Question 5
Topic 1
The FireAMP connector monitors the system for which type of activity?
A. Vulnerabilities
B. Enforcement of usage policies
C. File operations
D. Authentication activity
Answer:
C
Question 6
Topic 1
Which disposition can be returned in response to a malware cloud lookup?
A. Dirty
B. Virus
C. Malware
D. Infected
Answer:
C
Question 7
Topic 1
Which option is a detection technology that is used by FireAMP?
A. fuzzy matching
B. Norton AntiVirus
C. network scans
D. Exterminator
Answer:
A
Question 8
Topic 1
If a file's SHA-256 hash is sent to the cloud, but the cloud has never seen the hash before, which disposition is returned?
A. Clean
B. Neutral
C. Malware
D. Unavailable
Answer:
B
Question 9
Topic 1
File information is sent to the Sourcefire Collective Security Intelligence Cloud using which format?
A. MD5
B. SHA-1
C. filenames
D. SHA-256
Answer:
D
Topic 2, Outbreak Control Menu Items
Question 10
Topic 2
How does application blocking enhance security?
A. It identifies and logs usage.
B. It tracks application abuse.
C. It deletes identified applications.
D. It blocks vulnerable applications from running, until they are patched.
Answer:
D
Question 11
Topic 2
Which set of actions would you take to create a simple custom detection?
A. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
B. Upload a packet capture; use a Snort rule; use a ClamAV rule.
C. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
D. Input the file and file name.
Answer:
A
Question 12
Topic 2
Advanced custom signatures are written using which type of syntax?
A. Snort signatures
B. Firewall signatures
C. ClamAV signatures
D. bash shell
Answer:
C
Question 13
Topic 2
When discussing the FireAMP product, which term does the acronym DFC represent?
A. It means Detected Forensic Cause.
B. It means Duplicate File Contents.
C. It means Device Flow Correlation.
D. It is not an acronym that is associated with the FireAMP product.
Answer:
C
Question 14
Topic 2
Custom whitelists are used for which purpose?
A. to specify which files to alert on
B. to specify which files to delete
C. to specify which files to ignore
D. to specify which files to sandbox
Answer:
C
Topic 3, Endpoint Policies
Question 15
Topic 3
The FireAMP connector supports which proxy type?