a. What is Snort? [1] b. According to “Snort Users Manual” (downloadable under “Docs” menu), what are the three modes in which Snort operates and how it behaves under each mode? Show an example command to put Snort in each mode. [6] c. Explain the difference between the rule headers and rule options [2] d. List 8 different types of actions Snort may take upon a rule match. Describe what each action type does. [2] Solution a. Snort: Snort is an open source network capable of performing real-time traffic study and packet-logging on IP networks. It can transmit the protocol analysis, content searching & matching and is used to detect a range of attacks and investigates, such as buffer run over, cautious port scans, OS fingerprinting efforts. d. Types of snort actions:.