cisco网络安全答案1

1.Whatisapingsweep?ApingsweepisanetworkscanningtechniquethatindicatesthelivehostsinarangeofIPaddresses.ApingsweepisasoftwareapplicationthatenablesthecaptureofallnetworkpacketssentacrossaLAN.ApingsweepisascanningtechniquethatexaminesarangeofTCPorUDPportnumbersonahosttodetectlisteningservices.Apingsweepisaqueryandresponseprotocolthatidentifiesinformationaboutadomain,includingtheaddressesassignedtothatdomain.ObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption10pointsforanyotheroption222Whichaccessattackmethodinvolvesasoftwareprogramattemptingtodiscoverasystempasswordbyusinganelectronicdictionary?bufferoverflowattackportredirectionattackDenialofServiceattackbrute-forceattackIPspoofingattackpacketsnifferattackObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption40pointsforanyotheroption203HowisaSmurfattackconducted?bysendingalargenumberofpackets,overflowingtheallocatedbuffermemoryofthetargetdevicebysendinganechorequestinanIPpacketlargerthanthemaximumpacketsizeof65,535bytesbysendingalargenumberofICMPrequeststodirectedbroadcastaddressesfromaspoofedsourceaddressonthesamenetworkbysendingalargenumberofTCPSYNpacketstoatargetdevicefromaspoofedsourceaddressObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption30pointsforanyotheroption224Aportscanisclassifiedaswhattypeofattack?accessattackDenialofServiceattackreconnaissanceattackspoofingattackObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption30pointsforanyotheroption205Whatarethebasicphasesofattackthatcanbeusedbyavirusorworminsequentialorder?paralyze,probe,penetrate,persist,andpropagateprobe,penetrate,persist,propagate,andparalyzepenetrate,persist,propagate,paralyze,andprobepersist,propagate,paralyze,probe,andpenetrateObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption20pointsforanyotheroption206Whatarethethreemajorcomponentsofawormattack?(Choosethree.)enablingvulnerabilityinfectingvulnerabilitypayloadpenetrationmechanismprobingmechanismpropagationmechanismObservableDescriptionMaxValueEarnedValue1correctnessofresponseOption1,Option3,andOption6arecorrect.1pointforeachcorrectoption.0pointsifmoreoptionsareselectedthanrequired.317WhichtypeofsoftwaretypicallyusesanetworkadaptercardinpromiscuousmodetocaptureallnetworkpacketsthataresentacrossaLAN?portscannerpingsweeperpacketsnifferInternetinformationqueryObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption30pointsforanyotheroption208Anattackerisusingalaptopasarogueaccesspointtocaptureallnetworktrafficfromatargeteduser.Whichtypeofattackisthis?trustexploitationbufferoverflowmaninthemiddleportredirectionObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption30pointsforanyotheroption209Whichthreeoptionsdescribethephasesofwormmitigation?(Choosethree.)ThecontainmentphaserequirestheuseofincomingandoutgoingACLsonroutersandfirewalls.Thecontainmentphasetracksdownandidentifiestheinfectedmachineswithinthecontainedareas.Theinoculationphasedisconnects,blocks,orremovesinfectedmachines.Theinoculationphasepatchesuninfectedsystemswiththeappropriatevendorpatchforthevulnerability.Thequarantinephaseterminatesthewormprocess,removesmodifiedfilesorsystemsettings,andpatchesthevulnerabilitythewormusedtoexploitthesystem.Thetreatmentphasedisinfectsactivelyinfectedsystems.ObservableDescriptionMaxValueEarnedValue1correctnessofresponseOption1,Option4,andOption6arecorrect.1pointforeachcorrectoption.0pointsifmoreoptionsareselectedthanrequired.3110Whichphaseofwormmitigationrequirescompartmentalizationandsegmentationofthenetworktoslowdownorstopthewormandpreventcurrentlyinfectedhostsfromtargetingandinfectingothersystems?containmentphaseinoculationphasequarantinephasetreatmentphaseObservableDescriptionMaxValueEarnedValue1correctnessofresponse2pointsforOption10pointsforanyotheroption2011WhatisacharacteristicofaTrojanHorse?ATrojanHorsecanbecarriedinavirusorworm.AproxyTrojanHorseopensport21onthetargetsystem.AnFTPTrojanHorsestopsanti-virusprogramsorfirewallsfromfunctioning.ATrojanHorsecanbehardtodetectbecauseitcloseswhentheapplicationthatlauncheditcloses.ObservableDescriptionMaxValue1correctnessofresponse2pointsforOption10pointsforanyotheroption212Whichtwostatementsarecharacteristicsofavirus?(Choosetwo.)Avirustypicallyrequiresend-useractivation.Avirushasanenablingvulnerability,apropagationmechanism,andapayload.Avirusreplicatesitselfbyindependentlyexploitingvulnerabilitiesinnetworks.Avirusprovidestheattackerwithsensitivedata,suchaspasswords.Aviruscanbedormantandthenactivateataspecifictimeordate.ObservableDescriptionMaxValueEarnedValue1correctnessofresponseOption1andOption5arecorrect.1pointforeachcorrectoption.0pointsifmoreoptionsareselectedthanrequired.2013WhichtwoarecharacteristicsofDoSattacks?(Choosetwo.)Theyalwaysprecedeaccessattacks.Theyattempttocompromisetheavailabilityofanetwork,host,orapplication.Theyaredifficulttoconductandareinitiatedonlybyveryskilledattackers.Theyarecommonlylaunched