Topic: 300-710 topic 1 question 282
Which rule action is only available in Snort 3?
A.
Pass
B.
Generate
C.
Alert
D.
Rewrite
IT Certification exam information exchange, brain dumps discussions sharing.
You are not logged in. Please login or register.
Share Test → TXT Questions and Answers → 300-710 topic 1 question 282
Which rule action is only available in Snort 3?
A.
Pass
B.
Generate
C.
Alert
D.
Rewrite
D is correct
This YouTube video from Cisco clarifies it at 5:45 https://youtu.be/E7cHQBCM9Bc
Fantastic research! It really can't be more exactly said ;-). Starting from 05:45 min the author starts mentioning the new rule "REWRITE" within Snort 3.
So, yes, the correct answer here is indeed: (D)
Only Alert in this list is a valid snort 3 rule.
That is incorrect. Both "Pass" and "Rewrite" are snort 3 rules. "Rewrite" in snort 3 is the equivalent of "Alert" in snort 2. Rewrite only exists in snort 3, not in snort 2. I posted a link to a "Cisco" Youtube video in my other comment. At 5:45 in the video, they literally show a slide explaining snort 2 and snort 3 rules.
Share Test → TXT Questions and Answers → 300-710 topic 1 question 282
Note: This forum is a platform for users to share insights and discuss exam-related topics. We do not provide authentic exam questions or answers. The content here is contributed by community members and is meant for collaborative learning and discussion purposes only. Users are encouraged to refer to official sources for accurate exam materials.