What function is provided by Snort as part of the Security Onion?
- to view pcap transcripts generated by intrusion detection tools
- to generate network intrusion alerts by the use of rules and signatures
- to normalize logs from various NSM data logs so they can be represented, stored, and accessed through a common schema
- to display full-packet captures for analysis
Explanation: Snort is a NIDS integrated into Security Onion. It is an important source of the alert data that is indexed in the Sguil analysis tool. Snort uses rules and signatures to generate alerts.
Exam with this question: CyberOps Associate (Version 1.0) - Module 26: Evaluating Alerts Quiz Answers
Exam with this question: Network Security Final Exam Answers
Exam with this question: Network Defense Module 11.3.2 Evaluating Alerts Quiz