What Network Template is designed for this firewall topology?
You are reconfiguring your networks firewall to create a DMZ using three network interfaces. After
configuring the addresses on the interfaces, you are making the required changes in ISA Server
2006. You are going to use Network Template during this configuration change. What Network
Template is designed for this firewall topology?
What should these two lines read, after you make your changes, on a default installation?
You have decided to install Snort on your Windows Server 2003 and are making changes to the
default configuration file. You see the following two lines:
include classification.config
include reference.config
What should these two lines read, after you make your changes, on a default installation?
Which of the following is the range of Snort Rule IDs that are reserved for Snorts use?
You are configuring the Snort Rules for your new IDS. You are creating the rules, and wish to
avoid the
Snort Rule IDs that are reserved for Snorts use. Which of the following is the range of Snort Rule
IDs that are reserved for Snorts use?
What are the three options in the Snort rule that can be used to define the Priority level of the rule?
During your configuration of Snort, you wish to use priority levels in your rules. What are the three
options in the Snort rule that can be used to define the Priority level of the rule?
Which keyword is used to categorize Snort events?
You are configuring Snort on your new IDS, and wish to categorize the events of the rules you will
use.
Which keyword is used to categorize Snort events?
Which keyword is used to tell Snort how far inside the packet it should look for the pattern, or defined conte
For the new Snort rules you are building, it will be required to have Snort examine inside the
content of the packet.
Which keyword is used to tell Snort how far inside the packet it should look for the pattern, or defined content match?
you need to add to Snort?
You have been working with Snort, on your Windows Server 2003, for some time as a packet
capture tool, and now wish to connect Snort to a database on your server. You install MySQL as
the database, and are ready to configure Snort. If the database is named: snortdb1, has a user
name of: snort, and a password of: snortpass, what is the configuration line you need to add to
Snort?
what is this known as?
As Intrusion Detection Systems become more sophisticated, the software manufacturers develop
different methods of detection. If an IDS uses the process of finding a deviation from a well know
pattern of user behavior, what is this known as?
What step in the process of Intrusion Detection as shown in the exhibit would determine if given alerts were p
What step in the process of Intrusion Detection as shown in the exhibit would determine if given
alerts were part of a bigger intrusion, or would help discover infrequent attacks?
What are the components of a LAMP Server?
You are going to configure your SuSe Linux machine to run Snort, as the IDS in your network. In
order to take full advantage of Snort, you have read that you need a LAMP Server. What are the
components of a LAMP Server?