Within a Snort rule, which one of the following statements best describes an event trigger?
A. The IPS engine compares a packet against the defined rules, and if that packets data matches all the conditions, then an event is triggered signaling a potential issue.
B. Events are triggered when the defined conditions partially match, causing the IPS engine to fire an alert.
C. An event is triggered only after the IPS engine compares the packet payloads against the known reputation database lists.
D. An event is triggered only after the IPS engine compares the header fields against the known reputation database lists.
E. Snort rules are not designed to trigger network alerts.
