What information is contained in the options section of a Snort rule?
- direction of traffic flow
- text describing the event
- action to be taken
- source and destination address
Explanation: Snort rules consist of two sections, the rules header and the rule options. The rule options section of a snort rule consists of the messages text displayed to describe an alert as well as metadata about the alert.
Exam with this question: Checkpoint Exam: Analyzing Security Data Group Exam
Exam with this question: Checkpoint Exam: Evaluating Security Alerts Answers
Please login or Register to submit your answer