nerdexam
GIAC

GCIA · Question #143

GCIA Question #143: Real Exam Question with Answer & Explanation

The correct answer is D. In string matching, an incoming packet is compared, byte by byte, with a single signature, a string of code.. See the full explanation below for the reasoning.

Question

Which of the following statements best describes the string matching method of signature analysis?

Options

  • AString matching searches specific strings that may indicate an attack.
  • BString matching examines multiple fields from different protocols, such as source address, destination port,
  • CIn string matching, each packet is wrapped in predefined layers of different protocols.
  • DIn string matching, an incoming packet is compared, byte by byte, with a single signature, a string of code.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full GCIA Practice