思科网络工程师题库3.pdf (Cisco Network Engineer Question Bank 3)
Cisco Network Engineer Question Bank, questions 1-200

Q1. In which form of attack is alternate encoding, such as hexadecimal representation, most often observed?
A. Smurf
B. distributed denial of service
C. cross-site scripting
D. rootkit exploit
Answer: C
Explanation: Cross-site scripting (also known as XSS) occurs when a web application gathers malicious data from a user. The data is usually gathered in the form of a hyperlink which contains malicious content within it. The user will most likely click on this link from another website, an instant message, or simply while reading a web board or email message. Usually the attacker will encode the malicious portion of the link to the site in hex (or other encoding methods) so the request looks less suspicious to the user when clicked on. For example, the code below is written in hex: Click Here is equivalent to: Click Here. Note: in the format &#xhhhh;, hhhh is the code point in hexadecimal form.

Q2. Which flaw does an attacker leverage when exploiting SQL injection vulnerabilities?
A. user input validation in a web page or web application
B. Linux and Windows operating systems
C. database
D. web page images
Answer: A
Explanation: SQL injection usually occurs when you ask a user for input, like their username/userid, but the user gives (injects) you an SQL statement that you will unknowingly run on your database. Look at the following example, which creates a SELECT statement by adding a variable (txtUserId) to a select string. The variable is fetched from user input (getRequestString):
txtUserId = getRequestString("UserId");
txtSQL = "SELECT * FROM Users WHERE UserId = " + txtUserId;
If the user enters something like this: 100 OR 1=1 then the SQL statement will look like this:
SELECT * FROM Users WHERE UserId = 100 OR 1=1;
The SQL above is valid and will return ALL rows from the Users table, since OR 1=1 is always TRUE. A hacker might get access to all the user names and passwords in this database.

Q3. Which two prevention techniques are used to mitigate SQL injection attacks? (Choose two)
A. Check integer, float, or Boolean string parameters to ensure accurate values.
B. Use prepared statements and parameterized queries.
C. Secure the connection between the web and the app tier.
D. Write SQL code instead of using object-relational mapping libraries.
E. Block SQL code execution in the web application database login.
Answer: AB
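An added worked example, not part of the question bank, for Q2 and Q3 together: the vulnerable string concatenation from the Q2 explanation beside the two mitigations in the Q3 answer (a type check on the integer parameter, and a prepared statement with a bound parameter). It runs against an in-memory SQLite table filled with constructed sample rows; the function names lookup_vulnerable, lookup_parameterized and lookup_validated and the sample data are this example's own.

```python
import sqlite3

# Constructed sample rows (not from the question bank): UserId, Name, Password
SAMPLE_USERS = [
    (100, "alice", "s3cret"),
    (101, "bob", "hunter2"),
    (102, "carol", "pa55"),
]

# The injection string quoted in the Q2 explanation
PAGE_PAYLOAD = "100 OR 1=1"


def build_db():
    """Create an in-memory Users table and load the constructed rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE Users (UserId INTEGER PRIMARY KEY, Name TEXT, Password TEXT)"
    )
    conn.executemany("INSERT INTO Users VALUES (?, ?, ?)", SAMPLE_USERS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, txt_user_id):
    """Mirrors the page's txtSQL = "SELECT ..." + txtUserId concatenation.
    The user-supplied text becomes part of the SQL grammar, so 'OR 1=1'
    widens the WHERE clause to every row."""
    txt_sql = "SELECT * FROM Users WHERE UserId = " + txt_user_id
    return conn.execute(txt_sql).fetchall()


def lookup_parameterized(conn, txt_user_id):
    """Q3 option B: prepared statement with a bound parameter.
    The driver sends the text as a value; it is never parsed as SQL, so
    '100 OR 1=1' is compared, as a whole string, against the integer column."""
    return conn.execute(
        "SELECT * FROM Users WHERE UserId = ?", (txt_user_id,)
    ).fetchall()


def lookup_validated(conn, txt_user_id):
    """Q3 option A then B: reject anything that is not an integer before it
    reaches the database, then bind the checked value."""
    try:
        user_id = int(txt_user_id)
    except ValueError:
        return []
    return conn.execute(
        "SELECT * FROM Users WHERE UserId = ?", (user_id,)
    ).fetchall()


if __name__ == "__main__":
    db = build_db()
    print("vulnerable   :", lookup_vulnerable(db, PAGE_PAYLOAD))
    print("parameterized:", lookup_parameterized(db, PAGE_PAYLOAD))
    print("validated    :", lookup_validated(db, PAGE_PAYLOAD))
    print("validated 100:", lookup_validated(db, "100"))
```

With the page's input the concatenated query returns all three rows, while both mitigations return none; a well-formed id such as "100" still returns exactly the matching row through the bound query, which is the behaviour the page's explanation asks for.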
Q4. Which two endpoint measures are used to minimize the chances of falling victim to phishing and social engineering attacks? (Choose two)
A. Patch for cross-site scripting.
B. Perform backups to the private cloud.
C. Protect against input validation and character escapes in the endpoint.
D. Install a spam and virus email filter.
E. Protect systems with an up-to-date antimalware program.
Answer: DE
Explanation: Phishing attacks are the practice of sending fraudulent communications that appear to come from a reputable source. It is usually done through email. The goal is to steal sensitive data like credit card and login information, or to install malware on the victim's machine.

Q5. Which two mechanisms are used to control phishing attacks? (Choose two)
A. Enable browser alerts for fraudulent websites.
B. Define security group memberships.
C. Revoke expired CRL of the websites.
D. Use antispyware software.
E. Implement email filtering techniques.
Answer: AE

Q6. Which two behavioral patterns characterize a ping of death attack? (Choose two)
A. The attack is fragmented into groups of 16 octets before transmission.
B. The attack is fragmented into groups of 8 octets before transmission.
C. Short synchronized bursts of traffic are used to disrupt TCP connections.
D. Malformed packets are used to crash systems.
E. Publicly accessible DNS servers are typically used to execute the attack.
Answer: BD
Explanation: Ping of Death (PoD) is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command. A correctly formed ping packet is typically 56 bytes in size, or 64 bytes when the ICMP header is considered, and 84 including the Internet Protocol version 4 header. However, any IPv4 packet (including pings) may be as large as 65,535 bytes. Some computer systems were never designed to properly handle a ping packet larger than the maximum packet size because it violates the Internet Protocol as documented. Like other large but well-formed packets, a ping of death is fragmented into groups of 8 octets before transmission. However, when the target computer reassembles the malformed packet, a buffer overflow can occur, causing a system crash and potentially allowing the injection of malicious code.

Q7. Which two preventive measures are used to control cross-site scripting? (Choose two)
A. Enable client-side scripts on a per-domain basis.
B. Incorporate contextual output encoding/escaping.
C. Disable cookie inspection in the HTML inspection engine.
D. Run untrusted HTML input through an HTML sanitization engine.
E. Same Site cookie attribute should not be used.
Answer: AB

Q8. What is the difference between deceptive phishing and spear phishing?
A. Deceptive phishing is an attack aimed at a specific user in the organization who holds a C-level role.
B. A spear phishing campaign is aimed at a specific person versus a group of people.
C. Spear phishing is when the attack is aimed at the C-level executives of an organization.
D. Deceptive phishing hijacks and manipulates the DNS server of the victim and redirects the user to a false webpage.
Answer: B
Explanation: In deceptive phishing, fraudsters impersonate a legitimate company in an attempt to steal people's personal data or login credentials. Those emails frequently use threats and a sense of urgency to scare users into doing what the attackers want. Spear phishing is carefully designed to get a single recipient to respond. Criminals select an individual target within an organization, using social media and other public information, and craft a fake email tailored for that person.

Q9. Which attack is commonly associated with C and C++ programming languages?
A. cross-site scripting
B. water holing
C. DDoS
D. buffer overflow
Answer: D
Explanation: A buffer overflow (or buffer overrun) occurs when the volume of data exceeds the storage capacity of the memory buffer. As a result, the program attempting to write the data to the buffer overwrites adjacent memory locations. Buffer overflow is a vulnerability in low-level code in C and C++. An attacker can cause the program to crash, corrupt data, steal some private information, or run his/her own code. It basically means accessing any buffer outside of its allotted memory space. This happens quite frequently in the case of arrays.

Q10. What is a language format designed to exchange threat intelligence that can be transported over the TAXII protocol?
A. STIX
B. XMPP
C. pxGrid
D. SMTP
Answer: A
Explanation: TAXII (Trusted Automated Exchange of Indicator Information) is a standard that provides a transport mechanism (data exchange) for cyber threat intelligence information in STIX (Structured Threat Information eXpression) format. In other words, TAXII servers can be used to author and exchange STIX documents among participants. STIX (Structured Threat Information eXpression) is a standardized language which has been developed in a collaborative way in order to represent structured information about cyber threats. It has been developed so it can be shared, stored, and otherwise used in a consistent manner that facilitates automation and human-assisted analysis.

Q11. Which two capabilities does TAXII support? (Choose two)
A. Exchange
B. Pull messaging
C. Binding
D. Correlation
E. Mitigating
Answer: BC
Explanation:
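An added example, not from the question bank, covering the Q1 and Q7 points together: canonicalize hex-entity encoded input (the &#xhhhh; form from the Q1 explanation) before inspecting it, so a check sees the same text the browser would, and encode untrusted values for the context they land in (HTML element body, double-quoted attribute, URL parameter) as Q7 option B describes. It uses only the Python standard library; the function names and the sample strings are this example's own.

```python
import html
from urllib.parse import quote


def canonicalize(value, max_rounds=3):
    """Undo HTML entity encoding, including the &#xhhhh; hex form, until the
    string stops changing. A filter that looks for a literal '<script>' in
    the raw value misses '&#x3C;script&#x3E;'; the browser does not. The
    round limit keeps nested encodings from looping indefinitely."""
    for _ in range(max_rounds):
        decoded = html.unescape(value)
        if decoded == value:
            break
        value = decoded
    return value


def encode_for_html(value):
    """Element-body and double-quoted-attribute context: turn & < > " ' into
    entities so the value can never close a tag or an attribute. For an
    attribute this is only sufficient when the attribute is double-quoted."""
    return html.escape(value, quote=True)


def encode_for_url_param(value):
    """URL query context: percent-encode everything except unreserved
    characters, so the value cannot add or split query parameters."""
    return quote(value, safe="")


def render_profile_link(display_name, profile_id):
    """Build a link in which each untrusted value is encoded for the exact
    context it is written into: URL parameter, quoted attribute, body text."""
    return (
        f'<a href="/profile?id={encode_for_url_param(profile_id)}" '
        f'title="{encode_for_html(display_name)}">'
        f"{encode_for_html(display_name)}</a>"
    )


if __name__ == "__main__":
    # Constructed inputs for the demonstration (not from the page)
    hex_encoded = "&#x3C;script&#x3E;"
    tag_breaker = '"><b>x</b>'
    print("canonicalized:", canonicalize(hex_encoded))
    print("rendered     :", render_profile_link(tag_breaker, "7 8"))
```

canonicalize turns the hex-encoded form into the plain '<script>' so an inspection step sees the same text the browser would render; render_profile_link shows the same tag-breaking name being neutralised in both the attribute and the body, with the id percent-encoded so a space or an ampersand cannot alter the query string.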