
GSLC Question #545: Real Exam Question with Answer & Explanation

The correct answers are B. Snort and D. Samhain.

Question

John works as a Network Security Professional. He is assigned a project to test the security of the Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

Options

  • A. SARA
  • B. Snort
  • C. Tripwire
  • D. Samhain

Explanation

This question identifies tools that function as intrusion detection systems (IDS) capable of generating alerts about hacking attempts on a target server.

Common mistakes.

  • A. SARA (Security Auditor's Research Assistant) is a network vulnerability scanning tool used to identify weaknesses in systems, not an IDS that generates real-time alerts about active hacking attempts.
  • C. Tripwire is primarily a file integrity monitoring tool that detects unauthorized changes to files after the fact, and is not designed as a full-featured IDS for generating real-time hacking attempt alerts.

Concept tested. Identifying network and host-based IDS tools

Reference. https://www.snort.org/documents
