What function is provided by Snort as part of the Security Onion?
- to generate network intrusion alerts by the use of rules and signatures
- to normalize logs from various NSM data logs so they can be represented, stored, and accessed through a common schema
- to display full-packet captures for analysis
- to view pcap transcripts generated by intrusion detection tools
Explanation: Snort is an open source network intrusion prevention system (NIPS) and network intrusion detection system (NIDS) developed by Sourcefire. It has the ability to perform real time traffic analysis and packet logging on Internet Protocol (IP) networks and can also be used to detect probes or attacks.
More Questions: Network Security Final Exam Answers