Exam CSSLP topic 1 question 68 discussion

Actual exam question from ISC's CSSLP
Question #: 68
Topic #: 1

Which of the following is a signature-based intrusion detection system (IDS)?

  • A. RealSecure
  • B. StealthWatch
  • C. Tripwire
  • D. Snort
Suggested Answer: D (Snort)

Snort is a signature-based intrusion detection system. It is an open source network intrusion prevention and detection system that operates as a network sniffer. It logs network activity that matches predefined signatures. Signatures can be designed for a wide range of traffic, including Internet Protocol (IP), Transmission Control Protocol (TCP), User Datagram Protocol (UDP), and Internet Control Message Protocol (ICMP).

The three main modes in which Snort can be configured are as follows:

  • Sniffer mode: It reads the packets of the network and displays them in a continuous stream on the console.
  • Packet logger mode: It logs the packets to the disk.
  • Network intrusion detection mode: It is the most complex and configurable configuration, allowing Snort to analyze network traffic for matches against a user-defined rule set.

Answer: B is incorrect. StealthWatch is a behavior-based intrusion detection system.

Answer: C is incorrect. Tripwire is a file integrity checker for UNIX/Linux that can be used for host-based intrusion detection.
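
The signature matching described in the suggested answer, as an added example (not part of the original page and not Snort's own code): a matcher for a simplified subset of Snort's rule syntax, run over constructed packets. The rules, sids, addresses, payloads and function names are assumptions made for illustration.

```python
import re

# Constructed rules in a small subset of Snort's rule syntax:
# header (action proto src sport -> dst dport) plus msg/content/sid options.
RULE_TEXT = [
    'alert tcp any any -> any 80 (msg:"Path traversal in HTTP request"; content:"../"; sid:1000001;)',
    'alert udp any any -> any 53 (msg:"Lookup of flagged name"; content:"flagged-name"; sid:1000002;)',
    'alert icmp any any -> any any (msg:"ICMP payload marker"; content:"PINGTEST"; sid:1000003;)',
]
# Constructed sample traffic (documentation addresses), not a real capture.
PACKETS = [
    {"proto": "tcp", "src": "192.0.2.10", "sport": 40000, "dst": "192.0.2.20",
     "dport": 80, "payload": b"GET /../../etc/passwd HTTP/1.1"},
    {"proto": "tcp", "src": "192.0.2.10", "sport": 40001, "dst": "192.0.2.20",
     "dport": 80, "payload": b"GET /index.html HTTP/1.1"},
    {"proto": "icmp", "src": "192.0.2.11", "dst": "192.0.2.20", "payload": b"PINGTEST0001"},
    {"proto": "udp", "src": "192.0.2.12", "sport": 5353, "dst": "192.0.2.53",
     "dport": 53, "payload": b"\x00\x01www\x07example\x03org"},
]
RULE_RE = re.compile(r'(?P<action>\w+)\s+(?P<proto>\w+)\s+(?P<src>\S+)\s+(?P<sport>\S+)'
                     r'\s+->\s+(?P<dst>\S+)\s+(?P<dport>\S+)\s+\((?P<opts>.*)\)\s*$')
OPT_RE = re.compile(r'(\w+):\s*"?([^";]*)"?\s*;')  # no escaped quotes or semicolons

def parse_rule(text):
    """Split one rule into header fields and an options dict."""
    m = RULE_RE.match(text.strip())
    if not m:
        raise ValueError("unparseable rule: " + text)
    rule = m.groupdict()
    rule["opts"] = dict(OPT_RE.findall(rule["opts"]))
    return rule

def field_ok(pattern, value):
    """'any' is a wildcard; other header fields compare as exact strings."""
    return pattern == "any" or pattern == str(value)

def match_packet(rules, pkt):
    """Return (sid, msg) for every rule whose header and content match pkt."""
    hits = []
    for r in rules:
        header = (r["proto"] == pkt["proto"] and field_ok(r["src"], pkt["src"])
                  and field_ok(r["sport"], pkt.get("sport")) and field_ok(r["dst"], pkt["dst"])
                  and field_ok(r["dport"], pkt.get("dport")))
        if header and r["opts"].get("content", "").encode() in pkt["payload"]:
            hits.append((int(r["opts"]["sid"]), r["opts"]["msg"]))
    return hits

RULES = [parse_rule(t) for t in RULE_TEXT]
if __name__ == "__main__":
    for p in PACKETS:
        print(p["proto"], p.get("dport"), match_packet(RULES, p))
```

Only the packets whose bytes contain a rule's `content` string raise an alert; traffic with no matching signature passes silently, which is the defining property of signature-based detection.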

Comments

influence777
7 months, 3 weeks ago
Selected Answer: D
D. Snort
Snort is a widely recognized signature-based intrusion detection system (IDS) that uses a rule-driven language to detect and alert on network intrusion attempts. It compares network traffic against a database of known threat signatures to identify malicious activity, making it an effective tool for real-time traffic analysis and packet logging.
upvoted 1 times
74gjd_37
1 year, 1 month ago
Selected Answer: B
"People are using signature based IDS’s. Snort is mostly used signature based IDS because of it is open source software. " source: Signature Based Intrusion Detection System Using SNORT, November 2012, International Journal of Computer Applications & Information Technology 1(3):7
upvoted 1 times
4e3rv21rq3vq2q
2 years, 4 months ago
Selected Answer: D
D. Snort
upvoted 1 times