PrepAway - Latest Free Exam Questions & Answers

Which IDS guideline should be followed, according to SAFE SMR?

Which IDS guideline should be followed, according to SAFE SMR?

PrepAway - Latest Free Exam Questions & Answers

A.
use UDP resets more often than shunning, because UDP traffic is more difficult to spoof

B.
use TCP resets more often than shunning, because TCP traffic is more difficult to spoof

C.
use TCP resets no longer than 15 minutes

D.
use UDP resets no longer than 15 minutes

Explanation:

Because TCP traffic is more difficult to spoof, you should consider using TCP resets more often than shunning – TCP resets operate only on TCP traffic and terminate an active attack by sending a TCP reset to both the attacker and the attacked host.
Reference: Cisco Courseware p.3-27


Leave a Reply