A security alert has been issued for an application running on your network that exploits a buffer overflow to compromise the application. The security alert specifies that client-to-server communication will contain the string "*~hack-man?" or the string "back*?/hat".
Which type of IPS custom signature is required to block the traffic?
A signature attack object for each of the specified strings
A compound attack object
A protocol anomaly attack object
A regular expression matching the identified strings
One Comment on “Which type of IPS custom signature is required to block the traffic?”
I have the same idea. A