Snort Usage Quiz

File compression

Network intrusion detection and prevention

Data backup

Web hosting

alert

log

pass

All of the above

Blocks HTTP traffic to the specified subnet

Logs any UDP traffic to port 80

Generates an alert for TCP traffic to port 80 in the specified subnet

Drops packets to port 80

TCP

UDP

ICMP

All of the above

Specifies the sender of the packet

Searches the packet content for the string "user-agent"

Drops packets containing "user-agent"

Generates an alert for any packet

A unique identifier for the rule

The source IP address

The destination port

The action to be performed

:

->

=>

|

Logs the packet source address

Specifies the message to display in alerts

Modifies the rule’s priority

Filters out unnecessary packets

An alert rule

A rule to log packets

A rule to ignore matching packets

A rule to drop packets

content

ttl

dsize

flags