what attack signature group severity level is reported for reconnaissance attacks?

By default, what attack signature group severity level is reported for reconnaissance attacks?

By default, what attack signature group severity level is reported for reconnaissance attacks?

A.
High

B.
Critical

C.
Medium

D.
Emergency

Explanation:
Predefined attack object groups contain attack objects for a specific protocol. For each protocol, the groups are
separated into protocol anomalies and stateful signatures, and then roughly organized by severity. The three attack object group severity levels are critical, high, and medium:
Critical: Contains attack objects matching exploits that attempt to evade detection, cause a network device to crash, or gain system-level privileges. High: Contains attack objects matching exploits that attempt to disrupt a service, gain user-level access to a
network device, or activate a Trojan horse previously loaded on a device. Medium: Contains attack objects matching exploits that detect reconnaissance efforts attempting to access vital information through directory traversal or information leaks. Low: Contains attack objects matching exploits that attempt to obtain non-critical information or scan a network with a scanning tool. Info: Contains attack objects matching normal, harmless traffic containing URLs, DNS lookup failures, SNMP public community strings, and Peer-to-Peer (P2P) parameters. You can use informational attack objects to obtain information about your network.



Leave a Reply 0

Your email address will not be published. Required fields are marked *