Cisco
500-285 · Question #20
500-285 Question #20: Real Exam Question with Answer & Explanation
The correct answer is D. a rule body that contains packet-matching criteria or options to define where to look for content in. See the full explanation below for the reasoning.
Question
Which option describes the two basic components of Sourcefire Snort rules?
Options
- Apreprocessor configurations to define what to do with packets before the detection engine sees
- Ba rule statement characterized by the message you configure to appear in the alert, and the rule
- Ca rule header to define source, destination, and protocol, and the output configuration to
- Da rule body that contains packet-matching criteria or options to define where to look for content in
Community Discussion
No community discussion yet for this question.