ZuoTi.Pro
Question

The Snort IPS that Adam has configured includes a rule that reads as follows: alert tcp...

The Snort IPS that Adam has configured includes a rule that reads as follows:

alert tcp $EXTERNAL_NET any -> 10.0.10.0/24 80

(msg:"Alert!";

content:"http|3a|//www.example.com/download.php" (Links to an external site.); nocase;

offset:12; classtype: web-application-activity;sid:5555555; rev:1;)

What type of detection method is Adam using?

Group of answer choices

Trend based

Availability based

Anomaly based

Behavioral based

Conditional based

engineering   Computer-Science   
0 0
Add a comment Improve this question Transcribed image text
Next > < Previous
Sort answers by oldest

Homework Answers

Answer #1 

D)  Behavioral based

0 0
Add a comment
Know the answer?
Add Answer to:
The Snort IPS that Adam has configured includes a rule that reads as follows: alert tcp...
Your Answer:

Post as a guest

Your Name:

What's your source?

Earn Coins

Coins can be redeemed for fabulous gifts.

Log In

Sign Up

Not the answer you're looking for? Ask your own homework help question. Our experts will answer your question WITHIN MINUTES for Free.
Similar Homework Help Questions

  • 1. What would these iptables rules do? iptables -A INPUT -p tcp -m tcp --dport 80...

    1. What would these iptables rules do? iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT iptables -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT Allow web server traffic Block web server traffic Force port 80 traffic to port 443 Allow traffic from both 80 and 443 using UDP protocols 2. Timestamps are important because can not be changed or deleted by attackers when configured properly, allows you to correlate events across the network can always...

ADVERTISEMENT
Free Homework Help App
Download From Google Play
Scan Your Homework
to Get Instant Free Answers
Need Online Homework Help?
Ask a Question
Get Answers For Free
Most questions answered within 3 hours.
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT