500-275 | Which set of actions would you take to create a simple custom detection?

Question : 16

Which set of actions would you take to create a simple custom detection?

A. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
B. Upload a packet capture; use a Snort rule; use a ClamAV rule.
C. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
D. Input the file and file name.

Answer : A

500-275 | How does application blocking enhance security?

Question : 15

How does application blocking enhance security?

A. It identifies and logs usage.
B. It tracks application abuse.
C. It deletes identified applications.
D. It blocks vulnerable applications from running, until they are patched.

Answer : D

500-275 Sample Question : 9

Question : 9

File information is sent to the Sourcefire Collective Security Intelligence Cloud using which format?

A. MD5
B. SHA-1
C. filenames
D. SHA-256

Answer : D

500-275 Sample Question : 8

Question : 8

If a file’s SHA-256 hash is sent to the cloud, but the cloud has never seen the hash before, which disposition is returned?

A. Clean
B. Neutral
C. Malware
D. Unavailable

Answer : B

500-275 Sample Question : 7

Question : 7

Which set of actions would you take to create a simple custom detection?

A. Add a SHA-256 value; upload a file to calculate a SHA-256 value; upload a text file that contains SHA-256 values.
B. Upload a packet capture; use a Snort rule; use a ClamAV rule.
C. Manually input the PE header data, the MD-5 hash, and a list of MD-5 hashes.
D. Input the file and file name.

Answer : A

500-275 Sample Question : 6

Question : 6

How does application blocking enhance security?

A. It identifies and logs usage.
B. It tracks application abuse.
C. It deletes identified applications.
D. It blocks vulnerable applications from running, until they are patched.

Answer : D

500-275 Sample Question : 5

Question : 5

Which statement describes an advantage of the FireAMP product?

A. Signatures are pushed to endpoints more quickly than other antivirus products.
B. Superior detection algorithms on the endpoint limit the amount of work the cloud must perform.
C. It provides enterprise visibility.
D. It relies on sandboxing.

Answer : C

500-275 Sample Question : 4

Question : 4

If a file’s SHA-256 hash is sent to the cloud, but the cloud has never seen the hash before, which disposition is returned?

A. Clean
B. Neutral
C. Malware
D. Unavailable

Answer : B

500-275 Sample Question : 3

Question : 3

The FireAMP Mobile endpoint connector currently supports which mobile OS device?

A. Firefox
B. HTML5
C. Android
D. iPhone

Answer : C
