Refer to the exhibit. A company's user HTTP connection to a malicious site was blocked according to configured policy. What is the source technology used for this measure?
Refer to the exhibit. A company's user HTTP connection to a malicious site was blocked according to configured policy. What is the source technology used for this measure?
The source technology used for blocking the user's HTTP connection according to the configured policy is an Intrusion Prevention System (IPS). This can be deduced from the provided alert message, which mentions 'sid:30252' and 'rev:3'. These are identifiers typically used in Snort or similar IDS/IPS systems. Additionally, the term 'ips drop' in the metadata section further indicates that the IPS was responsible for taking action to drop the connection.
Its a Snort like alert, so an IPS
Sorry for my last comment, pls delete
For me it's D
C* sorry