Q.1 What characterizes a Snort tool for managing numerous Snort sensors in a distributed environment?
1. Ability to merge new rules into existing rule files
2. Ability to update rules via the Web
3. Ability to securely upload and download configuration changes via secure copy
Q.2 What is WinPcap?
WinPcap is an API library for network traffic capture.
Q.3 What does the -A option result in when used with snort.conf?
It will result in fast alert mode.
Q.4 What SID range is used for rules included with the Snort distribution?
100 to 999,999
Q.5 Which method is useful for detecting BitTorrent?
1. Track when BitTorrent is installed on a client machine
2. Detect when an installed client is communicating with another BitTorrent server
3. List a count of the top ports in use on the network
Q.6 How can we block an attack in real time in Snort?
By using active response and session termination.
Q.7 How can Snort listen in from a hub without showing up on the network?
Connect Snort to the hub using a receive-only Ethernet cable.
