Fantastic research! It really can't be more exactly said ;-). Starting from 05:45 min the author starts mentioning the new rule "REWRITE" within Snort 3.
So, yes, the correct answer here is indeed: (D)
02:25 says 4 are new: pass, drop, reject, rewrite
3:2 = pass: pass
3:2 = drop: NONE
3:2 = reject:reject
3:2 = Rewrite: alert.
so technically it's Drop, but no such option.
Then Rewrite is the only choice
As you can see in the video below, the answer is most likely “D. Rewrite” as you have mentioned. However, since you did not select “D. Rewrite” when commenting, “C. Alert” ended up being the most voted answer.
A, C and D are correct, I think there is a mistake in the question: Which rule action is only available in "Snort 2" and not "snort 3". the rule action witch is available only on snort 2 is Generate (B)
That is incorrect. Both "Pass" and "Rewrite" are snort 3 rules. "Rewrite" in snort 3 is the equivalent of "Alert" in snort 2. Rewrite only exists in snort 3, not in snort 2. I posted a link to a "Cisco" Youtube video in my other comment. At 5:45 in the video, they literally show a slide explaining snort 2 and snort 3 rules.
upvoted 5 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
aaInman
Highly Voted 1 year, 1 month agoMB2222
10 months agowhysohardwhy
5 days, 6 hours agoCCNPTARO
Most Recent 1 month agohouhou12322
5 months, 1 week agoTodaniTE
1 year agoaaInman
1 year ago