What signature details should be adjusted to only trigger the alert on a certain amount of client packets within a certain period of time?

The controller is reporting an IDS signature ‘deauth flood’ attack and it has been determined that
the default settings are too sensitive for the environment. What signature details should be
adjusted to only trigger the alert on a certain amount of client packets within a certain period of
time?

The controller is reporting an IDS signature ‘deauth flood’ attack and it has been determined that
the default settings are too sensitive for the environment. What signature details should be
adjusted to only trigger the alert on a certain amount of client packets within a certain period of
time?

A.
Measurement Interval and Quiet Time

B.
Signature Frequency and Signature MAC Frequency

C.
Measurement Interval and Signature MAC Frequency

D.
Quiet Time and Signature Frequency

Explanation:



Leave a Reply 0

Your email address will not be published. Required fields are marked *