An engineer defines a new rule while configuring an Access Control Policy. After deploying the policy, the rule is not working as expected and the hit counters associated with the rule are showing zero. What is causing this error?
Ah, the old 'incorrect application signature' trick. I've seen that one before. It's always a good idea to double-check the details when configuring these rules.
Ah, the old 'incorrect application signature' trick. I've seen that one before. It's always a good idea to double-check the details when configuring these rules.
I don't know, guys. What if the engineer selected the wrong source interface for Snort? That could also lead to the rule not working as expected and the hit counters showing zero.
You make a good point. But I'm leaning more towards the rule not being enabled after creation. That would definitely cause the hit counters to show zero, even if the rule is properly configured.
Hmm, this question seems a bit tricky. I think the logging issue could be the culprit here. If logging is not enabled, we won't be able to see the hit counters, even if the rule is working correctly.
upvoted 0 times
...
Log in to Pass4Success
Sign in:
Report Comment
Is the comment made by USERNAME spam or abusive?
Commenting
In order to participate in the comments you need to be logged-in.
You can sign-up or
login
Mari
6 months agoSarah
7 months agoElinore
7 months agoAmber
7 months agoTiera
7 months agoCorrie
7 months agoJohana
8 months agoPaola
8 months agoLinn
8 months agoWilson
8 months agoCatina
8 months agoThomasena
8 months agoJin
8 months agoAileen
8 months agoGiuseppe
8 months ago