Study tips 500-280

Which file defines Snort IDs and associated alert labels that are not provided within the unified output format?

Which information does the rule body contain?

Which character must a rule body end with?

Which keyword can you use to check a packet IP header TTL value?

Which action is valid for decoder/preprocessor stub rules?

Which keyword can you use to try to close a session when an alert is triggered?

Which rule keyword categorizes alerts into attack classes?

what is the offset?

how many bytes are being jumped?

where does the system look for the "C" or "c"?