Multiple Choice
Refer to the exhibit. The IDS is producing an increased number of false positive events about brute force attempts on the organization's mail server. How should the Snort rule be modified to improve performance?
A) Block list of internal IPs from the rule
B) Change the rule content match to case sensitive
C) Set the rule to track the source IP
D) Tune the count and seconds threshold of the rule
Correct Answer:

Verified