Refer to the exhibit. Review the intrusion prevention system (IPS) profile signature settings shown in the exhibit. What do you conclude when adding the FTP.Login.Failed signature to the IPS sensor profile?
A.
Traffic matching the signature will be allowed and logged.
B.
The signature setting uses a custom rating threshold.
C.
The signature setting includes a group of other signatures.
D.
Traffic matching the signature will be silently dropped and logged.
D is correct. The action is set to Block at the top of the configuration setting. If it was set to default then the default action underneath for each signature will apply.
I got confused with the IPS Signature Action "Pass". I see Rate-based setting is set to "Default". After many loging fail I guess that action is going to be logged as an action "blocked" when exceed the amount of retries. Am I wrong?
Nope, the action in the signature list is block (top of the screenshot). It would be A if the action was default or allow, but the action of all the signatures that will be added to this list is going to be block.
upvoted 3 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
sxcap
3 weeks, 2 days agovuhidus
1 month, 2 weeks agoJRKhan
1 month, 3 weeks agos4mu3l007
2 months, 1 week agodumpz
3 months, 1 week agomiguelmagr
3 months, 1 week agoyoula5
3 months, 1 week agoGopiChandMurari
3 months, 3 weeks agoKnocks
3 months, 3 weeks ago