Which preprocessor uses a global directive and an engine instance directive in the
snort.conf file for configuration to provide target context during packet reassembly?
What is a GID?
Which preprocessor provides a means to measure Snort performance?
Which preprocessor plays a role in detecting the reconnaissance phase of an attack?
A Snort sensor is generating many false-positive sfPortscan alerts, in which busy, trusted
hosts are flagged as the source of port sweep events. Which tuning strategy can mitigate
this problem?
What is the primary source for Snort rules?
Which statement about the distribution of SO rules is true?
What is VRT?
Which management and analysis tool can you use to enhance a Snort installation?
Which file is the primary configuration file for keeping rules up to date?