You implement all HTTP Signatures for your Web Server and notice an alert is generated each time a
web user accesses the SQL database with the default passwords. Your webmaster does not want to
reprogram the page to use valid SQL passwords. How do you disable alerting on this False Positive?
A.
create an Exempt rule for any traffic destined to your Web Server, include all
HTTP:LOW level attacks; make this a Terminal rule
B.
create an Exempt rule for any traffic destined to your Web Server, include only the specific HTTP
SQL default password signature
C.
create an Exempt rule for any traffic destined to your Web Server, include all
HTTP:LOW level attacks
D.
create an Exempt rule for any traffic generated by your Webserver, include only the specific HTTP
SQL default password signature