Refer to the exhibit. IDS is producing an increased amount of false positive events about brute force attempts on the or
Posted: Fri Jul 22, 2022 7:02 pm
Refer to the exhibit. IDS is producing an increased amount of false positive events about brute force attempts on the organization's mail server. How should the
Snort rule be modified to improve performance?
A. Block list of internal IPs from the rule
B. Change the rule content match to case sensitive
C. Set the rule to track the source IP
D. Tune the count and seconds threshold of the rule
Snort rule be modified to improve performance?
- Refer To The Ex 1 (93.28 KiB) Viewed 64 times
B. Change the rule content match to case sensitive
C. Set the rule to track the source IP
D. Tune the count and seconds threshold of the rule