Fantastic research! It really can't be more exactly said ;-). Starting from 05:45 min the author starts mentioning the new rule "REWRITE" within Snort 3.
So, yes, the correct answer here is indeed: (D)

4 Reply by TodaniTE 2024-04-27 14:01:57

TodaniTE
New member
Offline

Re: 300-710 topic 1 question 282

Only Alert in this list is a valid snort 3 rule.

5 Reply by aaInman 2024-04-27 15:25:36

aaInman
New member
Offline

Re: 300-710 topic 1 question 282

That is incorrect. Both "Pass" and "Rewrite" are snort 3 rules. "Rewrite" in snort 3 is the equivalent of "Alert" in snort 2. Rewrite only exists in snort 3, not in snort 2. I posted a link to a "Cisco" Youtube video in my other comment. At 5:45 in the video, they literally show a slide explaining snort 2 and snort 3 rules.

Posts: 5

Pages 1

You must login or register to post a reply

Share Test → TXT Questions and Answers → 300-710 topic 1 question 282

Note: This forum is a platform for users to share insights and discuss exam-related topics. We do not provide authentic exam questions or answers. The content here is contributed by community members and is meant for collaborative learning and discussion purposes only. Users are encouraged to refer to official sources for accurate exam materials.