Which option describes the two basic components of Sourcefire Snort rules?
A.
a rule body that contains packet-matching criteria or options to define where to look for
content in a packet, and a rule header to define matching criteria based on where a packet
originates, where it is going, and over which protocol
B.
preprocessor configurations to define what to do with packets before the detection engine
sees them, and detection engine configurations to define exactly how alerting is to take
place
C.
a rule statement characterized by the message you configure to appear in the alert, and
the rule body that contains all of the matching criteria such as source, destination, and
protocol
D.
a rule header to define source, destination, and protocol, and the output configuration to
determine which form of output to produce if the rule triggers