nerdexam
(ISC)2

CSSLP · Question #198

CSSLP Question #198: Real Exam Question with Answer & Explanation

The correct answer is D: Snort.

Secure Software Deployment, Operations, Maintenance

Question

Which of the following is an open source network intrusion detection system?

Options

  • A. NETSH
  • B. Macof
  • C. Sourcefire
  • D. Snort

Explanation

Snort is a widely recognized open-source network intrusion detection system (NIDS) capable of performing real-time traffic analysis and packet logging. It can detect a variety of attacks and probes by using rule-based signatures.

Common mistakes.

  • A. NETSH is a command-line scripting utility in Windows for configuring network settings, not an intrusion detection system.
  • B. Macof is a tool used for MAC flooding attacks, not for intrusion detection.
  • C. Sourcefire was a company that developed security products, including commercial versions of Snort, but Snort itself is the open-source NIDS, not Sourcefire as a product.

Concept tested. Open-source Network Intrusion Detection Systems (NIDS)

Reference. https://www.snort.org/

Topics

#NIDS #Open Source Security Tools #Snort #Security Monitoring
