[Full Version] New Released Cisco 500-290 Exam Questions From Cisco Exam Center (11-20)

February 7, 2017

February 2017: Cisco Official Newly Released 500-290 Dumps at Lead2pass.com!

100% Free Download! 100% Pass Guaranteed!

The 500-290 exam questions and answers provided by Lead2pass will guarantee that you pass the 500-290 exam, because Lead2pass is the top vendor of IT certification study and training materials. Many candidates have passed the exam with the help of Lead2pass. We offer the latest 500-290 PDF and VCE dumps with the new version of the VCE player for free download, so you can pass the exam beyond any doubt.

The following questions and answers are all newly published by the Cisco Official Exam Center: http://www.lead2pass.com/500-290.html

QUESTION 11
Which two are valid examples of String engines? (Choose two.)

A.    String HTTP
B.    String FTP
C.    String TCP
D.    String UDP
E.    String Trojan
F.    String IP

Answer: CD

QUESTION 12
Which two are the functions of the learning feature of anomaly detection within a Cisco IPS appliance? (Choose two.)

A.    observes actual traffic patterns to the zones
B.    retrieves zero-day attack information from the Cisco SIO
C.    dynamically populates the host operating system database
D.    allows false-positive training by an IPS administrator
E.    builds the host reputation histogram
F.    learns which legitimate services have a scanning behavior

Answer: AF

QUESTION 13
Regarding the Cisco IPS appliance anomaly detection feature, which two of these would be considered scan events? (Choose two.)

A.    an unacknowledged TCP SYN
B.    an online dictionary password attack
C.    exhaustive directory tree traversal on an FTP server
D.    a scan of all TCP ports on a single destination IP address
E.    a unidirectional UDP session

Answer: AE

QUESTION 14
According to Gartner, which criteria distinguish a next-generation IPS?

A.    Agile Security engine, VPN, and context awareness
B.    firewall capabilities, full-stack visibility, and content awareness
C.    content awareness, contextual awareness, and Agile Security engine
D.    full-stack visibility, contextual awareness, and network access control

Answer: C

QUESTION 15
Which feature in the Cisco AMP solution provides the ability to track malware activity over time?

A.    malware detection
B.    sandboxing
C.    blacklisting
D.    trajectory

Answer: D

QUESTION 16
Which Cisco AMP deployment would you recommend for advanced customers that want comprehensive threat protection, investigation, and response?

A.    trajectory
B.    AMP for MX
C.    AMP for Networks
D.    AMP for VPN

Answer: C

QUESTION 17
The gateway VPN feature supports which deployment types?

A.    SSL and HTTPS
B.    PPTP and MPLS
C.    client and route-based
D.    point-to-point, star, and mesh

Answer: D

QUESTION 18
Which statement is true concerning static NAT?

A.    Static NAT supports only TCP traffic.
B.    Static NAT is normally deployed for outbound traffic only.
C.    Static NAT provides a one-to-one mapping between IP addresses.
D.    Static NAT provides a many-to-one mapping between IP addresses.

Answer: C

QUESTION 19
Which statement is true when network traffic meets the criteria specified in a correlation rule?

A.    Nothing happens, because you cannot assign a group of rules to a correlation policy.
B.    The network traffic is blocked.
C.    The Defense Center generates a correlation event and initiates any configured responses.
D.    An event is logged to the Correlation Policy Management table.

Answer: C

QUESTION 20
Which list identifies the possible types of alerts that the Sourcefire System can generate as notification of events or policy violations?

A.    logging to database, SMS, SMTP, and SNMP
B.    logging to database, SMTP, SNMP, and PCAP
C.    logging to database, SNMP, syslog, and email
D.    logging to database, PCAP, SMS, and SNMP

Answer: C

Lead2pass is the leader in supplying candidates with current and up-to-date training materials for Cisco certification and exam preparation. Compared with others, our 500-290 exam questions are more authoritative and complete. We offer the latest 500-290 PDF and VCE dumps with the new version of the VCE player for free download, and the new 500-290 dump ensures a 100% pass on your exam.

500-290 new questions on Google Drive: https://drive.google.com/open?id=0B3Syig5i8gpDbVYtOTNZU0FUYTQ

2017 Cisco 500-290 exam dumps (All 70 Q&As) from Lead2pass:

http://www.lead2pass.com/500-290.html [100% Exam Pass Guaranteed]