you need to create a rule that will be based upon a Network Set, which of the following would you select in th
You have recently installed ISA Server 2006 as your firewall, and are building some new rules. If you need to create a rule that will be based upon a Network Set, which of the following would you select in the Toolbox?
Prior to running Snort you must install which of the following programs?
You are going to add another computer to the pool that you use for detecting intrusions. This time you are making a customized Snort machine running on Windows 2000 Professional. Prior to running Snort you must install which of the following programs?
What are the two basic forms of firewall implementations?
You have recently been contracted to implement a new firewall solution at a client site. What are the two basic forms of firewall implementations?
What is the name of that configuration file?
After installing Snort on your Windows machine that is destined to be your IDS, you need to edit the configuration file to customize it to your needs. What is the name of that configuration file?
When setting rules for Snort, what rule option keyword would you use to match a defined value in the packets p
You are configuring the Intrusion Detection System in your network, and a significant part of the strategy is to use custom Snort rules. When setting rules for Snort, what rule option keyword would you use to match a defined value in the packets payload?
If an IDS uses the process of matching known attacks against data collected in your network, what is this know
As Intrusion Detection Systems become more sophisticated, the software manufacturers develop different methods of detection. If an IDS uses the process of matching known attacks against data collected in your network, what is this known as?
What are the components of a LAMP Server?
You are going to configure your SuSe Linux machine to run Snort, as the IDS in your network. In order to take full advantage of Snort, you have read that you need a LAMP Server. What are the components of a LAMP Server?
What step in the process of Intrusion Detection as shown in the exhibit would determine if given alerts were p
What step in the process of Intrusion Detection as shown in the exhibit would determine if given alerts were part of a bigger intrusion, or would help discover infrequent attacks?
If an IDS uses the process of finding a deviation from a well know pattern of user behavior, what is this know
As Intrusion Detection Systems become more sophisticated, the software manufacturers develop different methods of detection. If an IDS uses the process of finding a deviation from a well know pattern of user behavior, what is this known as?
you need to add to Snort?
You have been working with Snort, on your Windows Server 2003, for some time as a packet capture tool, and now wish to connect Snort to a database on your server. You install MySQL as the database, and are ready to configure Snort. If the database is named: snortdb1, has a user name of: snort, and a password of: snortpass, what is the configuration line you need to add to Snort?