Summer Special Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: vce65

A security analyst has entered the following rule to detect malicious web traffic:alert tcp any...

  1. Home
  2. GIAC
  3. Security Administration
  4. GSEC
  5. GSEC Questions
  6. GIAC Security Essentials Practice Questions

A security analyst has entered the following rule to detect malicious web traffic:

alert tcp any -> 192.168.1.0/24 SO (msg: Attempted SQL Injection!"; sld:20000O01;)

How can this rule be changed to reduce false positives?

A.

Change the rule to make it apply bi -directional to source and destination

B.

Add more detail in the rule to make it more specific to the attack pattern

C.

Add an additional rule to apply to destination port 443 as well as 80

D.

Make the IP range more general so that it applies to all webservers

GIAC GSEC View All Questions

GIAC GSEC Summary

  • Vendor: GIAC
  • Product: GSEC
  • Update on: Jul 25, 2025
  • Questions: 385
Price: $52.5  $149.99
Buy Now GSEC PDF + Testing Engine Pack
Next
Which of the following is the reason of using Faraday cage?
Which of the following protocols is used by a host that knows its own MAC...
Previous

Payments We Accept

Your purchase with ExamsVCE is safe and fast. Your products will be available for immediate download after your payment has been received.
The ExamsVCE website is protected by 256-bit SSL from McAfee, the leader in online security.

examsvce payment method

Contact Us

Copyright © 2013-2025 examsvce.com. All Rights Reserved
mcafee secure

TESTED 02 Aug 2025