Which rule action will cause Snort IPS to block a packet without logging it?

May 23, 2021 Last Updated: May 23, 2021 No Comments
Tweet Share Pin it
IT Questions BankCategory: CCNA SecurityWhich rule action will cause Snort IPS to block a packet without logging it?

Which rule action will cause Snort IPS to block a packet without logging it?

  • Sdrop
  • doup
  • alert
  • reject

Explanation: There are several rule actions that can be configured for Snort:

  • Alert - Generate an alert using the selected alert method, and then log the packet.
  • Log - Log the packet.
  • Pass - Ignore the packet.
  • Drop - Block and log the packet.
  • Reject - Block the packet, log it, and then send a TCP reset if the protocol is TCP or an ICMP port unreachable message if the protocol is UDP.
  • Sdrop - Block the packet but do not log it.

Exam with this question: Module 12: Quiz – IPS Operation and Implementation Network Security

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments