EC-Council
EC0-350 · Question #743
EC0-350 Question #743: Real Exam Question with Answer & Explanation
Sign in or unlock EC0-350 to reveal the answer and full explanation for question #743. The question stem and answer options stay visible for context.
Question
Which of the following snort rules look for FTP root login attempts?
Options
- Aalert tcp -> any port 21 (msg:"user root";)
- Balert tcp -> any port 21 (message:"user root";)
- Calert ftp -> ftp (content:"user password root";)
- Dalert tcp any any -> any any 21 (content:"user root";)
Unlock EC0-350 to see the answer
You've previewed enough free EC0-350 questions. Unlock EC0-350 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.