Weekend Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: ac4s65

The security team wants to detect connections that can compromise credentials by sending them in...

GIAC GCED Full Course Access
GIAC GCED View All Questions

The security team wants to detect connections that can compromise credentials by sending them in plaintext across the wire. Which of the following rules should they enable on their IDS sensor?

A.

alert tcp any 22 < > any 22 (msg:SSH connection; class type:misc-attack;sid: 122:rev:1;)

B.

alert tcp any any < > any 6000: (msg:X-Windows session; flow:from_server,established;nocase;classtype:misc-attack;sid:101;rev:1;)

C.

alert tcp any 23 < > any 23 (msg:Telnet shell; class type:misc-attack;sid:100; rev:1;)

D.

alert udp any any < > any 5060 (msg:VOIP message; classtype:misc-attack;sid:113; rev:2;)

GCED PDF/Engine
  • Printable Format
  • Value of Money
  • 100% Pass Assurance
  • Verified Answers
  • Researched by Industry Experts
  • Based on Real Exams Scenarios
  • 100% Real Questions
buy now GCED pdf
Get 65% Discount on All Products, Use Coupon: "ac4s65"
Next
What would be the output of the following Google search?
Which of the following is the best way to establish and verify the integrity of...
Previous