What is the primary purpose of a defined rule in an IPS?
A.
To detect internal attacks
B.
To define a set of actions that occur when a specific user logs in to the system
C.
To configure an event action that is pre-defined by the system administrator
D.
To configure an event action that takes place when a signature is triggered
Explanation:
Brad
Answer- D
Confidence level: 80%
Note: I suspect this is one of the questions I answered incorrectly on my exam. I answered C, which is the
answer I have in my study guide. However, things I have seen since have led me to believe the correct answer
is D.
http://www.cisco.com/c/en/us/td/docs/security/security_management/cisco_security_manager/security_manager/4-1/user/guide/CSMUserGuide_wrapper/ipsevact.pdf
The link above support option D