GIAC Exam GSEC Topic 10 Question 60 Discussion

Actual exam question for GIAC's GSEC exam
Question #: 60
Topic #: 10

Use sudo to launch Snort with the /etc/snort/snort.conf file in full mode to generate alerts based on incoming traffic to echo. What is the source IP address of the traffic triggering an alert with a destination port of 156?

Note: Snort is configured to exit after it evaluates 50 packets.

Suggested Answer: I
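
The task above comes down to reading Snort's full-mode alert output and filtering on the destination port. The sketch below is an added example, not part of the original question or the exam lab: it parses alert blocks in the layout Snort 2 writes with `-A full` and returns the source addresses for a given destination port. The sample alerts, rule names and addresses are constructed (documentation ranges), and only IPv4 is handled.

```python
import re

# Constructed sample in Snort's "full" alert layout. Addresses are
# documentation ranges, not values from the exam lab.
SAMPLE_ALERTS = """\
[**] [1:1000001:1] Constructed rule A [**]
[Priority: 0]
01/05-10:15:01.120394 192.0.2.10:51514 -> 203.0.113.5:80
TCP TTL:64 TOS:0x0 ID:4321 IpLen:20 DgmLen:60 DF

[**] [1:1000002:1] Constructed rule B [**]
[Classification: Misc activity] [Priority: 3]
01/05-10:15:02.554120 198.51.100.23:40112 -> 203.0.113.5:156
TCP TTL:63 TOS:0x0 ID:9921 IpLen:20 DgmLen:60 DF

[**] [1:1000003:1] Constructed ICMP rule [**]
[Priority: 0]
01/05-10:15:03.000100 192.0.2.77 -> 203.0.113.5
ICMP TTL:64 TOS:0x0 ID:77 IpLen:20 DgmLen:84
"""

# Alert header: [**] [gid:sid:rev] message [**]
HEADER = re.compile(r"^\[\*\*\] \[(\d+:\d+:\d+)\] (.*?) \[\*\*\]$")
# Flow line: timestamp src[:port] -> dst[:port]; ICMP alerts carry no ports.
FLOW = re.compile(
    r"^\S+ (\d+\.\d+\.\d+\.\d+)(?::(\d+))? -> (\d+\.\d+\.\d+\.\d+)(?::(\d+))?$")

def parse_alerts(text):
    """Return one dict per alert block: sid, msg, src, sport, dst, dport."""
    alerts, current = [], None
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            current = {"sid": m.group(1), "msg": m.group(2)}
            continue
        m = FLOW.match(line)
        if m and current is not None:
            src, sport, dst, dport = m.groups()
            current.update(src=src, sport=int(sport) if sport else None,
                           dst=dst, dport=int(dport) if dport else None)
            alerts.append(current)
            current = None  # ignore the remaining packet-detail lines
    return alerts

def sources_for_dport(text, port):
    """Unique source IPs of alerts whose destination port equals `port`."""
    return sorted({a["src"] for a in parse_alerts(text) if a["dport"] == port})

if __name__ == "__main__":
    print(sources_for_dport(SAMPLE_ALERTS, 156))
```

To use it on a real run, pass the contents of the alert file Snort wrote (its location depends on the configured log directory) instead of `SAMPLE_ALERTS`.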

Contribute your Thoughts:

Jeniffer
24 days ago
This is definitely a 'read the question carefully' kind of problem. I bet the answer is hiding in plain sight, and I'm just overthinking it. Time to put on my thinking cap and concentrate!
upvoted 0 times
...
Deandrea
1 months ago
I wonder if the developers of this exam are just trying to see how many IP addresses we can memorize. Maybe they'll throw in a trick question and the real answer is '127.0.0.1' just to keep us on our toes.
upvoted 0 times
Kyoko
12 days ago
B) 10.72.101.210
upvoted 0 times
...
Joaquin
16 days ago
A) 192.168.^.30
upvoted 0 times
...
...
Mireya
1 months ago
Ah, the classic 'find the needle in the haystack' scenario. I bet the answer is something super obscure, like 10.11.12.13. Let's see if my Sherlock Holmes skills can crack this case!
upvoted 0 times
...
Tayna
1 months ago
Hmm, this seems like a tricky one. I wonder if I can just guess the IP address and hope for the best. Or maybe I should try running Snort myself to see what kind of alerts it generates.
upvoted 0 times
Willie
12 days ago
If you're up for a challenge, running Snort is definitely the way to go. Good luck!
upvoted 0 times
...
Audra
19 days ago
I agree, guessing the IP address might not be the best approach. Running Snort will give you more accurate results.
upvoted 0 times
...
Brett
29 days ago
I think it's worth a shot to try running Snort yourself. You might learn something new.
upvoted 0 times
...
...
Melinda
2 months ago
The question is pretty straightforward, but the number of options is a bit overwhelming. I'll have to carefully review the captured traffic to identify the source IP address with the destination port of 156.
upvoted 0 times
Billy
14 days ago
Let's review the traffic capture together to make sure we have the right source IP address.
upvoted 0 times
...
Lynelle
20 days ago
I'm not sure, I need to double-check the traffic capture to confirm the source IP address.
upvoted 0 times
...
Harrison
23 days ago
I agree, that seems like the correct option based on the traffic capture.
upvoted 0 times
...
Carin
25 days ago
I think the source IP address triggering the alert with destination port 156 is 10.10.28.19
upvoted 0 times
...
...
Lizette
2 months ago
I believe it's 10.10.199.146 as well because the destination port is 156
upvoted 0 times
...
Yuki
2 months ago
I think the source IP address is 10.10.199.146
upvoted 0 times
...