PrepAway - Latest Free Exam Questions & Answers

what attack signature group severity level is reported for reconnaissance attacks?

By default, what attack signature group severity level is reported for reconnaissance attacks?

PrepAway - Latest Free Exam Questions & Answers

A.
High

B.
Critical

C.
Medium

D.
Emergency

Explanation:

Predefined attack object groups contain attack objects for a specific protocol. For each protocol, the groups are
separatedinto protocol anomalies andstatefulsignatures, and then roughly organized by severity. The three attack object group severity levels are critical, high, and medium:
Critical:Contains attack objects matching exploits that attempt to evade detection, cause a network device to crash, or gain system-level privileges. High:Contains attack objects matching exploits that attempt to disrupt a service, gain user-level access to a
networkdevice, or activate a Trojan horse previously loaded on a device. Medium:Contains attackobjects matching exploitsthat detect reconnaissance efforts attempting to access vital information through directory traversal or information leaks. Low:Contains attack objects matching exploits that attempt to obtain non-critical information or scan a network with a scanning tool.
Info:Contains attack objects matching normal, harmless traffic containing URLs, DNS lookup failures, SNMP public community strings, and Peer-to-Peer (P2P) parameters. You can use informational attack objects to obtain information about your network.

One Comment on “what attack signature group severity level is reported for reconnaissance attacks?


Leave a Reply