Which option describes the two basic components of Sourcefire Snort rules?
A) preprocessor configurations to define what to do with packets before the detection engine sees them, and detection engine configurations to define exactly how alerting is to take place
B) a rule statement characterized by the message you configure to appear in the alert, and the rule body that contains all of the matching criteria such as source, destination, and protocol
C) a rule header to define source, destination, and protocol, and the output configuration to determine which form of output to produce if the rule triggers
D) a rule body that contains packet-matching criteria or options to define where to look for content in a packet, and a rule header to define matching criteria based on where a packet originates, where it is going, and over which protocol