CISSP-ISSMP · Question #131
Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports?
The correct answer is A. Port signatures. Port Signatures are IDS (Intrusion Detection System) signatures specifically designed to detect connection attempts targeting well-known, commonly attacked TCP/UDP ports - for example, port 23 (Telnet), port 21 (FTP), or port 1433 (MS SQL). These signatures flag suspicious probin
Question
Which of the following signatures watches for the connection attempts to well-known, frequently attacked ports?
Options
- APort signatures
- BDigital signatures
- CHeader condition signatures
- DString signatures
How the community answered
(39 responses)- A92% (36)
- B5% (2)
- C3% (1)
Explanation
Port Signatures are IDS (Intrusion Detection System) signatures specifically designed to detect connection attempts targeting well-known, commonly attacked TCP/UDP ports - for example, port 23 (Telnet), port 21 (FTP), or port 1433 (MS SQL). These signatures flag suspicious probing activity. Digital signatures (B) are a cryptographic authentication mechanism, not an IDS pattern type. Header condition signatures (C) inspect packet header fields (flags, options, fragmentation) for anomalies. String signatures (D) search packet payloads for specific character sequences or patterns associated with known attacks.
Topics
Community Discussion
No community discussion yet for this question.