Study the snort rule given below and interpret the rule. alert tcp any any –> 192.168.1.0/24 111

Posted by: Pdfprep Category: CPEH-001 Tags: , ,

Study the snort rule given below and interpret the rule. alert tcp any any –> 192.168.1.0/24 111

(content:"|00 01 86 a5|"; msG. "mountd access";)
A . An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111
B . An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet
C . An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet
D . An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

Answer: D

Leave a Reply

Your email address will not be published.