What function is provided by Snort as part of the Security Onion?

  • to view pcap transcripts generated by intrusion detection tools
  • to generate network intrusion alerts by the use of rules and signatures
  • to normalize logs from various NSM data logs so they can be represented, stored, and accessed through a common schema
  • to display full-packet captures for analysis

Explanation: Snort is a network intrusion detection system (NIDS) integrated into Security Onion. It is an important source of the alert data that is indexed in the Sguil analysis tool. Snort uses rules and signatures to generate alerts.

Exam with this question: CyberOps Associate (Version 1.0) - Module 26: Evaluating Alerts Quiz Answers
Exam with this question: Network Security Final Exam Answers
Exam with this question: Network Defense Module 11.3.2 Evaluating Alerts Quiz
