思科网络工程师题库1.docx

《思科网络工程师题库1.docx》由会员分享，可在线阅读，更多相关《思科网络工程师题库1.docx（61页珍藏版）》请在优知文库上搜索。

1、CCNP/CCIESecuritySCOR思科网络工程师题库1QLlnwhichformofattackisalternateencoding,suchashexadecimalrepresentation,mostoftenobserved?A. SmurfB. distributeddenialofserviceC. cross-sitescriptingD. rootkitexploitAnswer:CExplanation:Crosssitescripting(alsoknownasXSS)occurswhenawebapplicationgathersmaliciousdatafro

2、mauser.Thedataisusuallygatheredintheformofahyperlinkwhichcontainsmaliciouscontentwithinit.Theuserwillmostlikelyclickonthislinkfromanotherwebsite,instantmessage,orsimplyjustreadingawebboardoremailmessage.UsuallytheattackerwillencodethemaliciousportionofthelinktothesiteinHEX(orotherencodingmethods)sot

3、herequestislesssuspiciouslookingtotheuserwhenclickedon.Forexamplethecodebelowiswritteninhex:ClickHereisequivalentto:ClickHereNote:Intheformat&#Xhhhh”,hhhhisthecodepointinhexadecimalform.Q2.WhichflawdoesanattackerleveragewhenexploitingSQLinjectionvulnerabilities?A. userinputvalidationinawebpageorweba

4、pplicationB. LinuxandWindowsoperatingsystemsC. databaseD. webpageimagesAnswer:AExplanation:SQLinjectionusuallyoccurswhenyouaskauserforinput,liketheirusername/userid,buttheusergives(injects)youanSQLstatementthatyouwillunknowinglyrunonyourdatabase.Forexample:Lookatthefollowingexample,whichcreatesaSELE

5、CTstatementbyaddingavariable(txtUserld)toaselectstring.Thevariableisfetchedfromuserinput(getRequestString):txtUserld=getRequestString(Userld);txtSQL=SELECT*FROMUsersWHEREUserld=+txtUserld;Ifuserentersomethinglikethis:100OR1=1thentheSQLstatementwilllooklikethis:SELECT*FROMUsersWHEREUserld=100OR1=1;Th

6、eSQLaboveisvalidandwillreturnALLrowsfromtheUserstable,sinceOR1=1isalwaysTRUE.Ahackermightgetaccesstoalltheusernamesandpasswordsinthisdatabase.Q3.WhichtwopreventiontechniquesareusedtomitigateSQLinjectionattacks?(Choosetwo)A. Checkinteger,float,orBooleanstringparameterstoensureaccuratevalues.B. Usepre

7、paredstatementsandparameterizedqueries.C. Securetheconnectionbetweenthewebandtheapptier.D. WriteSQLcodeinsteadofusingobject-relationalmappinglibraries.E. BlockSQLcodeexecutioninthewebapplicationdatabaselogin.Answer:ABQ4.Whichtwoendpointmeasuresareusedtominimizethechancesoffallingvictimtophishingands

8、ocialengineeringattacks?(Choosetwo)A. Patchforcross-sitescripting.B. Performbackupstotheprivatecloud.C. Protectagainstinputvalidationandcharacterescapesintheendpoint.D. Installaspamandvirusemailfilter.E. Protectsystemswithanup-to-dateantimalwareprogram.Answer:DEExplanation:Phishingattacksarethepract

9、iceofsendingfraudulentcommunicationsthatappeartocomefromareputablesource.Itisusuallydonethroughemail.Thegoalistostealsensitivedatalikecreditcardandlogininformation,ortoinstallmalwareonthevictimsmachine.Q5.Whichtwomechanismsareusedtocontrolphishingattacks?(Choosetwo)A. Enablebrowseralertsforfraudulen

10、twebsites.B. Definesecuritygroupmemberships.C. RevokeexpiredCRLofthewebsites.D. Useantispywaresoftware.E. Implementemailfilteringtechniques.Answer:AEQ6.Whichtwobehavioralpatternscharacterizeapingofdeathattack?(Choosetwo)A. Theattackisfragmentedintogroupsof16octetsbeforetransmission.B. Theattackisfra

11、gmentedintogroupsof8octetsbeforetransmission.C. ShortsynchronizedburstsoftrafficareusedtodisruptTCPconnections.D. Malformedpacketsareusedtocrashsystems.E. PubliclyaccessibleDNSserversaretypicallyusedtoexecutetheattack.Answer:BDExplanation:PingofDeath(PoD)isatypeofDenialofService(DoS)attackinwhichana

12、ttackerattemptstocrash,destabilize,orfreezethetargetedcomputerorservicebysendingmalformedoroversizedpacketsusingasimplepingcommand.Acorrectly-formedpingpacketistypically56bytesinsize,or64byteswhentheICMPheaderisconsidered,and84includingInternetProtocolversion4header.However,anyIPv4packet(includingpi

13、ngs)maybeaslargeas65,535bytes.SomecomputersystemswereneverdesignedtoproperlyhandleapingpacketlargerthanthemaximumpacketsizebecauseitviolatestheInternetProtocoldocumentedLikeotherlargebutwell-formedpackets,apingofdeathisfragmentedintogroupsof8octetsbeforetransmission.However,whenthetargetcomputerreas

14、semblesthemalformedpacket,abufferoverflowcanoccur,causingasystemcrashandpotentiallyallowingtheinjectionofmaliciouscode.Q7Whichtwopreventivemeasuresareusedtocontrolcross-sitescripting?(Choosetwo)A. Enableclient-sidescriptsonaper-domaibasis.B. Incorporatecontextualoutputecodingescaping.C. Disablecooki

15、einspectionintheHTMLinspectionengine.D. RununtrustedHTMLinputthroughanHTMLsanitizationengine.E. SameSitecookieattributeshouldnotbeused.Answer:ABQ8.Whatisthedifferencebetweendeceptivephishingandspearphishing?A. DeceptivephishingisanattackedaimedataspecificuserintheorganizationwhoholdsaC-Ievelrole.B. Aspearphishingcampaignisaimedataspecificpersonversusagroupofpeople.C. SpearphishingiswhentheattackisaimedattheC-Ievelexecutivesofanorganization.D. Deceptivephishinghijacksan