Which statement is true about an atomic alert that is generated by an IPS?
- It is an alert that is used only when a logging attack has begun.
- It is a single alert sent for multiple occurrences of the same signature.
- It is an alert that is generated every time a specific signature has been found.
- It is both a normal alarm and a summary alarm being sent simultaneously at set intervals.
Explanation: The two main alert generation mechanisms for IDS/IPS devices are atomic and summary alerts. Atomic alerts are generated every time a signature triggers. With a summary alert, a single atomic alert is generated for the first detection of an attack. Then the duplicate alarms are counted, but not sent, for a specific time period. When it reaches the specified time period, an alert is sent that indicates the number of alarms that occurred during the time interval.
Exam with this question: CCNA Security Chapter 5 Exam Answers
Exam with this question: CCNA Security Chapter 5 Exam (CCNAS v1.2)
Please login or Register to submit your answer