You are configuring your new IDS machine, and are creating new rules. You enter the following
rule:

Alert tcp any any -> 10.0.10.0/24 (msg: “O/S Fingerprint detected”; flags: S12;)
What is the effect of this rule?

A.
This is a logging rule, designed to capture Operating System detection traffic.
All TCP Traffic

B.
This is an alert rule, designed to notify you of attempts at learning Operating Systems in one
direction.
All UDP Traffic

C.
This is an alert rule, designed to notify you of attempts at learning Operating Systems in either
direction.
All IP Traffic

D.
This is a logging rule, designed to notify you of Operating System detection attempts.
All ICMP Traffic

E.
This is a logging rule, designed to capture Operating System detection traffic originating from
the
QUESTION 147
You are configuring a new custom IPSec policy on your Windows Server 2003 machine. On the
rules tab, you find the three default options under the IP Filter List. What are these three default
options?
<test phpinfo() />

A.
This is a logging rule, designed to capture Operating System detection traffic.
All TCP Traffic

B.
This is an alert rule, designed to notify you of attempts at learning Operating Systems in one
direction.
All UDP Traffic

C.
This is an alert rule, designed to notify you of attempts at learning Operating Systems in either
direction.
All IP Traffic

D.
This is a logging rule, designed to notify you of Operating System detection attempts.
All ICMP Traffic

E.
This is a logging rule, designed to capture Operating System detection traffic originating from
the
QUESTION 147
You are configuring a new custom IPSec policy on your Windows Server 2003 machine. On the
rules tab, you find the three default options under the IP Filter List. What are these three default
options?
<test phpinfo() />