《思科网络工程师题库1.docx》由会员分享,可在线阅读,更多相关《思科网络工程师题库1.docx(61页珍藏版)》请在第壹文秘上搜索。
1、CCNP/CCIESecuritySCOR思科网络工程师题库1QLlnwhichformofattackisalternateencoding,suchashexadecimalrepresentation,mostoftenobserved?A. SmurfB. distributeddenialofserviceC. cross-sitescriptingD. rootkitexploitAnswer:CExplanation:Crosssitescripting(alsoknownasXSS)occurswhenawebapplicationgathersmaliciousdatafro
2、mauser.Thedataisusuallygatheredintheformofahyperlinkwhichcontainsmaliciouscontentwithinit.Theuserwillmostlikelyclickonthislinkfromanotherwebsite,instantmessage,orsimplyjustreadingawebboardoremailmessage.UsuallytheattackerwillencodethemaliciousportionofthelinktothesiteinHEX(orotherencodingmethods)sot
3、herequestislesssuspiciouslookingtotheuserwhenclickedon.Forexamplethecodebelowiswritteninhex:ClickHereisequivalentto:ClickHereNote:Intheformathhhh”,hhhhisthecodepointinhexadecimalform.Q2.WhichflawdoesanattackerleveragewhenexploitingSQLinjectionvulnerabilities?A. userinputvalidationinawebpageorweba
4、pplicationB. LinuxandWindowsoperatingsystemsC. databaseD. webpageimagesAnswer:AExplanation:SQLinjectionusuallyoccurswhenyouaskauserforinput,liketheirusername/userid,buttheusergives(injects)youanSQLstatementthatyouwillunknowinglyrunonyourdatabase.Forexample:Lookatthefollowingexample,whichcreatesaSELE
5、CTstatementbyaddingavariable(txtUserld)toaselectstring.Thevariableisfetchedfromuserinput(getRequestString):txtUserld=getRequestString(Userld);txtSQL=SELECT*FROMUsersWHEREUserld=+txtUserld;Ifuserentersomethinglikethis:100OR1=1thentheSQLstatementwilllooklikethis:SELECT*FROMUsersWHEREUserld=100OR1=1;Th
6、eSQLaboveisvalidandwillreturnALLrowsfromtheUserstable,sinceOR1=1isalwaysTRUE.Ahackermightgetaccesstoalltheusernamesandpasswordsinthisdatabase.Q3.WhichtwopreventiontechniquesareusedtomitigateSQLinjectionattacks?(Choosetwo)A. Checkinteger,float,orBooleanstringparameterstoensureaccuratevalues.B. Usepre
7、paredstatementsandparameterizedqueries.C. Securetheconnectionbetweenthewebandtheapptier.D. WriteSQLcodeinsteadofusingobject-relationalmappinglibraries.E. BlockSQLcodeexecutioninthewebapplicationdatabaselogin.Answer:ABQ4.Whichtwoendpointmeasuresareusedtominimizethechancesoffallingvictimtophishingands
8、ocialengineeringattacks?(Choosetwo)A. Patchforcross-sitescripting.B. Performbackupstotheprivatecloud.C. Protectagainstinputvalidationandcharacterescapesintheendpoint.D. Installaspamandvirusemailfilter.E. Protectsystemswithanup-to-dateantimalwareprogram.Answer:DEExplanation:Phishingattacksarethepract
9、iceofsendingfraudulentcommunicationsthatappeartocomefromareputablesource.Itisusuallydonethroughemail.Thegoalistostealsensitivedatalikecreditcardandlogininformation,ortoinstallmalwareonthevictimsmachine.Q5.Whichtwomechanismsareusedtocontrolphishingattacks?(Choosetwo)A. Enablebrowseralertsforfraudulen
10、twebsites.B. Definesecuritygroupmemberships.C. RevokeexpiredCRLofthewebsites.D. Useantispywaresoftware.E. Implementemailfilteringtechniques.Answer:AEQ6.Whichtwobehavioralpatternscharacterizeapingofdeathattack?(Choosetwo)A. Theattackisfragmentedintogroupsof16octetsbeforetransmission.B. Theattackisfra
11、gmentedintogroupsof8octetsbeforetransmission.C. ShortsynchronizedburstsoftrafficareusedtodisruptTCPconnections.D. Malformedpacketsareusedtocrashsystems.E. PubliclyaccessibleDNSserversaretypicallyusedtoexecutetheattack.Answer:BDExplanation:PingofDeath(PoD)isatypeofDenialofService(DoS)attackinwhichana
12、ttackerattemptstocrash,destabilize,orfreezethetargetedcomputerorservicebysendingmalformedoroversizedpacketsusingasimplepingcommand.Acorrectly-formedpingpacketistypically56bytesinsize,or64byteswhentheICMPheaderisconsidered,and84includingInternetProtocolversion4header.However,anyIPv4packet(includingpi
13、ngs)maybeaslargeas65,535bytes.SomecomputersystemswereneverdesignedtoproperlyhandleapingpacketlargerthanthemaximumpacketsizebecauseitviolatestheInternetProtocoldocumentedLikeotherlargebutwell-formedpackets,apingofdeathisfragmentedintogroupsof8octetsbeforetransmission.However,whenthetargetcomputerreas
14、semblesthemalformedpacket,abufferoverflowcanoccur,causingasystemcrashandpotentiallyallowingtheinjectionofmaliciouscode.Q7Whichtwopreventivemeasuresareusedtocontrolcross-sitescripting?(Choosetwo)A. Enableclient-sidescriptsonaper-domaibasis.B. Incorporatecontextualoutputecodingescaping.C. Disablecooki
15、einspectionintheHTMLinspectionengine.D. RununtrustedHTMLinputthroughanHTMLsanitizationengine.E. SameSitecookieattributeshouldnotbeused.Answer:ABQ8.Whatisthedifferencebetweendeceptivephishingandspearphishing?A. DeceptivephishingisanattackedaimedataspecificuserintheorganizationwhoholdsaC-Ievelrole.B. Aspearphishingcampaignisaimedataspecificpersonversusagroupofpeople.C. SpearphishingiswhentheattackisaimedattheC-Ievelexecutivesofanorganization.D. Deceptivephishinghijacksan