How would you accomplish this?

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an
event when 30 port scans have occurred within 60 seconds. You also want to detect two

port scans from a host within 10 seconds of each other. How would you accomplish this?

You have selected the event Port Scan from Internal Network in SmartEvent, to detect an
event when 30 port scans have occurred within 60 seconds. You also want to detect two

port scans from a host within 10 seconds of each other. How would you accomplish this?

A.
Define the two port-scan detections as an exception.

B.
You cannot set SmartEvent to detect two port scans from a host within 10 seconds of
each other.

C.
Select the two port-scan detections as a sub-event.

D.
Select the two port-scan detections as a new event.

Show Hint

Leave a Reply 0

Your email address will not be published. Required fields are marked *