Which two options are the basic parts of a Snort rule? (Choose two)
A. rule policy
B. rule header
C. Rule assignment and ports
D. rule options
E. Rule footer
Which two options are the basic parts of a Snort rule? (Choose two)
A. rule policy
B. rule header
C. Rule assignment and ports
D. rule options
E. Rule footer
Snort rules are divided into two logical sections, the rule header and the rule options. The rule header contains the rule’s action, protocol, source and destination IP addresses and netmasks, and the source and destination ports information. The rule option section contains alert messages and information on which parts of the packet should be inspected to determine if the rule action should be taken.
http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node28.html