1. Home
  2. Discussions
  3. GIAC
  4. Security Certification: GASF
  5. GCED Discussions
  6. GCED Exam Topic 2 Question 18 Discussion

GIAC Certified Enterprise Defender GCED Question # 18 Topic 2 Discussion

 GIAC Discussions      Browse All Questions      Go to Exam Detail      Get Premium Access
 Previous
Next  

GIAC Certified Enterprise Defender GCED Question # 18 Topic 2 Discussion

GCED Exam Topic 2 Question 18 Discussion:
Question #: 18
Topic #: 2

Why would the pass action be used in a Snort configuration file?
A.

The pass action simplifies some filtering by specifying what to ignore.

B.

The pass action passes the packet onto further rules for immediate analysis.

C.

The pass action serves as a placeholder in the snort configuration file for future rule updates.

D.

Using the pass action allows a packet to be passed to an external process.

E.

The pass action increases the number of false positives, better testing the rules.

Get Premium GCED Questions
Actual exam question for GIAC GCED exam by Xander7773 at Aug 3, 2025, 12:00:00 AM

Contribute your Thoughts:


Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.

Submit
 Previous
Next