Network security detection and prevention test questions (II)

problem 1

Windows The operating system sets the account locking policy , This prevents ( ).
		A. Trojans invade 
		B. Violent attack 
		C.IP cheating 
		D. Buffer overflow attack 

1 branch
problem 2

 The threat type of Trojan horse attack belongs to ( ).
		A. Authorized infringement threat 
		B. Implanting threats 
		C. Infiltration threat 
		D. Bypass control threat 

1 branch
problem 3

 The following are not computer vulnerabilities ( ).
		A. out of buffer 
		B. Trojan horse 
		C.SQL Inject 
		D. Computer guest account 

1 branch
problem 4

 Which of the following represents a set of code written by a hacker to destroy the host system ?()
		A. Malicious code 
		B. Viruses 
		C. Trojan horse 
		D. worm 

1 branch
problem 5

 Which of the following represents the code written by a hacker to illegally access the information resources in the host system ?( )
		A. Malicious code 
		B. Viruses 
		C. Trojan horse 
		D. worm 

1 branch
problem 6

 The default listening port of the ice Trojan server program is （）.
		A.3389
		B.123
		C.7626
		D.80

1 branch
problem 7

 Trojan adoption （） Technology can solve the problem of intranet IP Address and news IP Besides the connection problems caused by addresses , Another important advantage is that you can bypass the restrictions of the firewall .
		A. Reverse connection 
		B. Forward connection 
		C. hide 
		D. damage 

1 branch
problem 8

 Trojan adoption （） technology , Mainly for some common service ports in the system , Use these legal ports to cover your network communication behavior .
		A. Reverse connection 
		B. Forward connection 
		C. Port multiplexing 
		D. damage 

1 branch
problem 9

 The Trojan horse with the purpose of stealing online bank account information belongs to （）.
		A. Password stealing Trojan horse 
		B. Download type Trojan horse 
		C. Proxy Trojan horse 
		D. Remote control Trojan horse 

1 branch
problem 10

 Ability to track user behavior , Store the collected information in the user's hard disk , The Trojan horse sent to the hacker in due course belongs to （）
		A. Password stealing Trojan horse 
		B. Download type Trojan horse 
		C. Surveillance Trojan horse 
		D. Remote control Trojan horse 

1 branch
problem 11

 Which kind of Trojan can guide the infected host to a specific Web Site .
		A. Password stealing Trojan horse 
		B. Download type Trojan horse 
		C. Surveillance Trojan horse 
		D. Click type Trojan horse 

1 branch
problem 12

 The remote control Trojan horse is generally composed of client program and server program , The client program runs on （）
		A. The host infected with the Trojan horse 
		B. Hackers implement remote control of the host 
		C. gateway 
		D. proxy server 

1 branch
problem 13

 Which of the following is not malicious code （）.
		A. Viruses 
		B. Trojan horse 
		C. System FLAW 
		D. worm 

1 branch
problem 14

 The following is not a Trojan horse function ( )
		A. Collect passwords or password files 
		B. A program that replicates itself 
		C. Remote files 
		D. Collect system key information 

1 branch
problem 15

 The right thing to know about Trojans is ( )
		A. Trojan horse propagation must be placed manually 
		B. Trojan horse is actually a kind of remote control software 
		C. Trojans are not viruses 
		D. Trojans can only work in windows On the platform 

1 branch
problem 16

 In order to implement remote control , It usually needs infected host feedback ( ) Information .
		A. Account number and password 
		B.IP Address 
		C. Listening port 
		D. User files 

1 branch
problem 17

 The following description of malicious code prevention is correct （）
		A. Update the system in time , Fix security holes 
		B. Set security policy , Restrict scripts 
		C. Enable firewall , Filter unnecessary services 
		D. All of the above are true 

1 branch
problem 18

 The protocol mainly used for encryption mechanism is ( )
		A.HTTP
		B.FTP
		C.TELNET
		D.SSL

1 branch
problem 19

 The famous Nmap Which of the following functions cannot be realized by software tools ？( )
		A. Port scanning 
		B. Advanced port scan 
		C. Security vulnerability scanning 
		D. Operating system type detection 

1 branch
problem 20

 You are a company network administrator , You often manage your network from different remote locations （ At home ）, Your company uses win2000 operating system , In order to facilitate remote management , Terminal services is installed and enabled on a server . lately , You find that your server is under control , After your examination , You find an unfamiliar account on your server , You delete it , But the next day the same thing always happens , How should you solve this problem ？ （ ）
		A. Disable Terminal Services 
		B. Add firewall rules , Except for your own family IP Address , Reject all 3389 The port of is connected to 
		C. Apply security patches sp4
		D. Enable account audit events , Then check the source , Be investigated 

1 branch
problem 21

 The methods to prevent buffer overflow attacks in programming are ( ).Ⅰ. Written correctly 、 Secure code  Ⅱ. Program pointer integrity detection  Ⅲ. Array boundary checking  Ⅳ. Use application protection software 
		A.Ⅰ、Ⅱ and Ⅳ
		B.Ⅰ、Ⅱ and Ⅲ
		C.Ⅱ and Ⅲ
		D. All are 

1 branch
problem 22

 To input a very long string into a limited space is （) Means of attack .
		A. out of buffer 
		B. Network monitoring 
		C. Denial of service 
		D.IP cheating 

1 branch
problem 23

 The following are not precautions SQL What injects effective measures is ( ).
		A. Use sa Log in to the database 
		B. Use stored procedures to query 
		C. Check the validity of user input 
		D.SQL Do not display all error messages when running an error 

1 branch
problem 24

 Which of the following attacks is not at the network layer ( )
		A.IP cheat 
		B.Teardrop
		C.Smurf
		D.SQL Inject 

1 branch
problem 25

 What kind of attack is it to enter an ultra long string into a limited space ?（）
		A. out of buffer 
		B. Network monitoring 
		C. Denial of service 
		D.IP cheating 

1 branch
problem 26

 Many hacker attacks exploit buffer overflow vulnerabilities in software implementation , For this threat , What is the most reliable solution ?（ ）
		A. Install anti-virus software 
		B. Install the latest patch to the system 
		C. Install firewall 
		D. Install intrusion detection system 

1 branch
problem 27

 common Web Attack methods , barring ？（）
		A. Exploit server configuration vulnerability 
		B. Malicious code uploading and downloading 
		C. Construct malicious input （SQL Injection attack 、 Command injection attacks 、 Cross-site scripting attacks ）
		D. Business test 

1 branch
problem 28

 Make the network server full of a large number of information requiring reply , Bandwidth consumption , Cause the network or system to stop normal service , What kind of attack is this ? ( )
		A. Denial of service 
		B. File sharing 
		C.BIND Loophole 
		D、 Remote procedure call 

1 branch
problem 29

 Here's about DoS Description of the attack , Which sentence is correct ?( )
		A. No need to invade the attacked system 
		B. For the purpose of stealing confidential information on the target system 
		C. As a result, the target system cannot process the requests of normal users 
		D、 If the target system has no vulnerabilities , A long-range attack cannot succeed 

1 branch
problem 30

 Denial of service attacks ( ).
		A. It refers to consuming available systems with massive data packets that exceed the processing capacity of the target being attacked 、 Attacks on bandwidth resources and other methods 
		B. The full English name is Distributed Denial of Service
		C. Reject an instruction from a server to respond to a request 
		D. Remote shutdown after intrusion control of a server 

1 branch
problem 31

DDoS The attack destroyed ( ).
		A. Usability 
		B. confidentiality 
		C. integrity 
		D. Authenticity 

1 branch
problem 32

 When you feel that the operating system is running slower , open Windows Task manager found CPU The utilization rate of is 100% when , Is most likely to be affected by ( ) attack .
		A. Trojan horse 
		B. Denial of service 
		C. cheating 
		D. A middleman 

1 branch
problem 33

 In network attack activities ,TFN yes (） Class attacker .
		A. Denial of service 
		B. Dictionary attack 
		C. Network monitoring 
		D. Virus program 

1 branch
problem 34

 Death Ping Belong to ( ).
		A. Pretend to attack 
		B. Denial of service attacks 
		C. Replay attack 
		D. Tamper attacks 

1 branch
problem 35

DoS The characteristics of the attack do not include ( ).
		A. Attackers launch attacks from multiple locations 
		B. The victim is in “ busy ” state 
		C. The attacker steals the attacker's confidential information through intrusion 
		D. The attacker cannot provide normal services 

1 branch
problem 36

" Based on network low-level protocol , Exploit the loopholes in the implementation of the protocol or operating system to achieve the purpose of attack , This kind of attack is called ( )."
		A. Trojan horse attack 
		B. Denial of service attacks 
		C. Passive attack 
		D. Cross-site scripting attacks 

1 branch
problem 37

" About SYN Flood attack , Which of the following descriptions is wrong ?()"
		A.TCP The connection entries in the session table are limited 
		B. The establishment process has not been completed TCP Connections occupy connection items 
		C. With forged 、 What doesn't exist in the network IP Address origination  TCP Connection establishment process 
		D. The establishment process has not been completed  TCP The connection permanently occupies the connection item 

1 branch
problem 38

" About indirect DDoS attack , Which of the following descriptions is wrong ?( )"
		"A, Puppet machine random generation is effective IP Address set "
		B. The normal host system sends the corresponding response message 
		C. The normal host system does not identify the source of the received request message 
		D. The request message sent by the puppet machine is valid and randomly generated IP Address as source IP Address 

1 branch
problem 39

" About denial of service attacks , Which of the following descriptions is wrong ?( )"
		A. Blocking the link between the host and the network 
		B. Consume the resources used by the host to provide services 
		"C. By implanting the virus , Make the host unable to run normally  "
		"D. By implanting the virus , Copy important information from the host "

1 branch
problem 40

 Which of the following protocols cannot be used by an attacker to DoS attack ?( )
		A.TCP
		B.ICMP
		C.UDP
		D.IPSec

1 branch
problem 41

TCP SYN The principle of flooding attack is to use ( ).
		A.TCP Three handshake process 
		B.TCP Flow oriented working mechanism 
		C.TCP Window technology in data transmission 
		D.TCP When the connection is terminated FIN message 

1 branch
problem 42

 Tears used IP In datagram （ ).
		A. Function of segment shift field 
		B. Functions of protocol fields 
		C. Identify the function of the field 
		D. The function of the lifetime field 

1 branch
problem 43

ICMP Flooding takes advantage of ( ).
		A.ARP Command functionality 
		B.tracert Command functionality 
		C.ping Command functionality 
		D.route Command functionality 

1 branch
problem 44

（） Mainly for the host CPU、 disk 、 Operating system and file system DoS attack .
		A. Host type DoS
		B. Applied DoS
		C. Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 45

（） Mainly for the application software in the host DoS attack , Such as E-mail The server 、Web The server 、DNS Server and database server, etc .
		A. Host type DoS
		B. Applied DoS
		C.  Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 46

( ) It mainly refers to the exhaustion of network bandwidth 、 Host memory 、CPU And disks .
		A. Host type DoS
		B. Applied DoS
		C. Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 47

（） It mainly refers to the service crash or termination caused by the attack .
		A. Host type DoS
		B. Applied DoS
		C. Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 48

（） It mainly refers to destroying the host or network node DoS attack .
		A. Physically destructive DoS
		B. Applied DoS
		C. Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 49

（） Attack the victim directly , Such as directly attacking a certain E-mail account number , Make it unusable .
		A. Physically destructive DoS
		B. Direct type DoS
		C. Resource destroying DoS
		D. Service terminated DoS

1 branch
problem 50

（） By attacking other targets that have a fatal effect on the victim , As a result, the victim can not provide services .
		A. Physically destructive DoS
		B. Direct type DoS
		C. Indirect type DoS
		D. Service terminated DoS

1 branch
problem 51

（） Attacks mainly exploit vulnerabilities in the implementation of the protocol itself or its software , Send some abnormal packets to the target , Make the target system exception when processing , Even collapse .
		A. Highly toxic bag type 
		B. Storm type 
		C. Redirection type 
		D. Physically destructive 

1 branch
problem 52

（） Denial of service attacks mainly send a large number of network packets to the target , Cause the target system or network to run out of resources and become paralyzed .
		A. Highly toxic bag type 
		B. Storm type 
		C. Redirection type 
		D. Physically destructive 

1 branch
problem 53

（） An attack is by modifying some parameters in the network , Such as ARP surface 、DNS Cache, etc , So that packets sent from or to the victim are redirected to another place .
		A. Highly toxic bag type 
		B. Storm type 
		C. Redirection type 
		D. Physically destructive 

1 branch
problem 54

( ) It's using Windows NT And lower versions Linux In dealing with IP Fragment time vulnerability , Sending fragment offset address exception to the victim UDP Packet fragmentation , This will cause the target host to crash or restart due to an exception during fragment reassembly .
		A. Redirection attacks 
		B. direct Dos attack 
		C. Fragment attack 
		D. indirect Dos attack 

1 branch
problem 55

（） The attack principle of is that the attacker uses a large number of controlled hosts to send a large number of messages to the victim ICMP Respond to request messages , Make the victim's system busy processing these messages and reduce performance , In serious cases, the system may not be able to respond to other messages .
		A. Redirection attacks 
		B. direct Dos attack 
		C.ping Storm attack 
		D. indirect Dos attack 

1 branch
problem 56

（） Send a large number of packets to the target subject indirectly through the intermediate host , To achieve the purpose of denial of service attacks .
		A. Redirection attacks 
		B. Reflect row denial of service attacks 
		C.ping Storm attack 
		D. indirect Dos attack 

1 branch
problem 57

NTP use （） Protocol communication .
		A.TCP
		B.UDP
		C.ARP
		D.ICMP

1 branch
problem 58

NTP The server port number is （）
		A.3389
		B.123
		C.23
		D.80

1 branch
problem 59

 about TCP SYN scanning , If you send a SYN After package , The other side returns （）, Indicates that the port is open .
		A.ACK
		B.SYN /ACK
		C.SYN /RST
		D.RST /ACK

1 branch
problem 60

DDos attack , This belongs to ( ).
		A. Physical security threats 
		B. Network communication threat 
		C. Network service threat 
		D. Network management threats 

1 branch
problem 61

 When you feel your Win2000 The running speed slows down obviously , When you open the task manager, you find CPU The utilization rate of has reached 100% , What kind of attack are you most likely to think you have been subjected to （ ）.
		A. Trojan horse 
		B. Denial of service 
		C. cheating 
		D. Man-in-the-middle attack 

1 branch
problem 62

 Which of the following is a denial of service attack ( ).
		A.DDOG
		B.DDOS
		C.DDOK
		D.DDOP

1 branch
problem 63

 Denial of service attacks ()
		A. It is an attack that uses massive data packets that exceed the processing capacity of the target to consume available system bandwidth resources .
		B. The full name is Distributed Denial Of Service
		C. Reject an instruction from a server to respond to a request 
		D. Remote shutdown after intrusion control of a server 

1 branch
problem 64

 stay DDoS In attack , Through illegal intrusion and control , But the computer that does not directly attack the victim is called （ ）.
		A. The attacker 
		B. Main control end 
		C. proxy server 
		D. Attacked 

1 branch
problem 65

 Which of the following attacks may cause some systems to be reorganized IP Downtime or restart during sharding ？()
		A. Distributed denial of service attacks 
		B.Ping of Death
		C.NFS attack 
		D.DNS Cache poisoning attack 

1 branch
problem 66

TCP SYN Flood Network attacks take advantage of TCP The process of establishing a connection requires （） Complete the attack on the target according to the characteristics of the second handshake .
		A.1
		B.2
		C.3
		D.6

1 branch
problem 67

 The consequences of a denial of service attack are （）.
		A. Information not available 
		B. The application is not available 
		C. System downtime 
		D. The above items are 

1 branch
problem 68

 Programs residing on multiple network devices produce a large number of request messages in a short time web The server , The server is overwhelmed , Unable to respond to requests from other legitimate users , This belongs to （ ）
		A. Surf the Internet 
		B. Man-in-the-middle attack 
		C.DDoS attack 
		D.MAC attack 

1 branch
problem 69

（ ） The attack principle is to forge the source address of the victim host to send the connection request , Make the victim host form its own connection , Consumed connections .
		A.Ping of death
		B.LAND
		C.UDP Flood
		D.Teardrop

1 branch
problem 70

（ ） The attack principle of is to construct the wrong fragment information , Memory calculation error when the system reorganizes fragment data , Cause the protocol stack to crash .
		A.Ping of death
		B.LAND
		C.UDP Flood
		D.Teardrop

1 branch
problem 71

 An attacker attacks a network interface by transmitting data , The attack that makes the server too busy to respond to requests is （）.
		A. Denial of service attacks 
		B. Address spoofing attack 
		C. Session hijacking 
		D. Packet probe attack 

1 branch
problem 72

 A basic idea of a denial of service attack is （ ）
		A. Constantly sending spam to the workstation 
		B. Force the server's buffer to be full 
		C. Workstations and servers stop working 
		D. The server stops working 

1 branch
problem 73

 Trojan horse found , First, turn off the running of its program in the background of the computer .

 Yes 

 wrong 

1 branch
problem 74

 The difference between Trojans and traditional viruses is that Trojans do not replicate themselves .

 Yes 

 wrong 

1 branch
problem 75

 Malicious code detection can be divided into static detection and dynamic detection .

 Yes 

 wrong 

1 branch
problem 76

 Trojan horse found , First, turn off the running of its program in the background of the computer .

 Yes 

 wrong 

1 branch
problem 77

 Trojan horse , In essence, it is just a network customer communicating through a port / Service program . The victim is using the client , The controller uses the server side .

 Yes 

 wrong 

1 branch
problem 78

 With the development of hacker technology , The infection ability of Trojans has been greatly improved .

 Yes 

 wrong 

1 branch
problem 79

 The implantation of Trojan horse is the most critical step in the target system of Trojan horse tools , It is the basis for subsequent attacks .

 Yes 

 wrong 

1 branch
problem 80

 Currently, Trojan horse implantation methods can be divided into two categories , Passive implantation and active implantation .

 Yes 

 wrong 

1 branch
problem 81

 Passive implantation of Trojan horse refers to the installation of Trojan horse program into the target system through manual intervention , The implantation process must rely on the manual operation of the victim user .

 Yes 

 wrong 

1 branch
problem 82

 Active implantation of Trojans refers to active attack methods , Automatically install the Trojan horse program into the target system through the program , The implantation process does not require the operation of the victim user .

 Yes 

 wrong 

1 branch
problem 83

 In order to solve the attack from the vulnerability , Generally, the system security is enhanced by patching .

 Yes 

 wrong 

1 branch
problem 84

XSS The cross site scripting vulnerability mainly affects the client browsing users .

 Yes 

 wrong 

1 branch
problem 85

SQL Injection can generally be entered directly through a web form .

 Yes 

 wrong 

1 branch
problem 86

 By writing to the program's buffer beyond its length , Can cause buffer overflow .

 Yes 

 wrong 

1 branch
problem 87

SQL The injected defense object is all internal incoming data .

 Yes 

 wrong 

1 branch
problem 88

SQL Injection attack means that an attacker uses Web Scripting vulnerability , Put malicious SQL Command insert into Web The input field of the form , Deceiving the database server to entertain malicious code SQL command .

 Yes 

 wrong 

1 branch
problem 89

 prevent XSS Each method has its advantages and disadvantages , To guard against XSS The real challenge is not to avoid it all , But in detail .

 Yes 

 wrong 

1 branch
problem 90

 Attackers can get through SQL Injection means to obtain the password of other users .

 Yes 

 wrong 

1 branch
problem 91

DDoS A centralized denial of service attack .

 Yes 

 wrong 

1 branch
problem 92

SYN Flood It's a kind of  DOS attack .

 Yes 

 wrong 

1 branch
problem 93

" Just intercept the currently sent  TCP package , Can forge the serial number of the next package ."

 Yes 

 wrong 

1 branch
problem 94

Land The precondition of attack is that the port used must be open .

 Yes 

 wrong 

1 branch
problem 95

SYN Flood Attacks must constantly send connections , Once the request is stopped, the victim host can return to normal .

 Yes 

 wrong 

1 branch
problem 96

 Denial of service is a system security mechanism , It protects the system from hackers' attacks on computer networks .

 Yes 

 wrong 

1 branch
problem 97

 The earliest denial of service attacks were “ Email bomb ”.

 Yes 

 wrong 

1 branch
problem 98

 Service attack is an attack method that makes the attacked system unable to perform normal service .

 Yes 

 wrong 

1 branch
problem 99

Smurf The attack principle is to forge the victim's address and send a reply request to the broadcast address , Require other machines to respond , Form traffic attack .

 Yes 

 wrong 

1 branch
problem 100

 To achieve DDoS attack , Attackers must be able to control a large number of computers to serve them .

 Yes 

 wrong 

answer ：
BBBAC CACAC
DBCBB BDDCC
BAADA BDACA
ABABC BDDDD
AACAB CDDBC
ABCCC BBBBC
BBABB CDCBD
ABAAA AAAAA
AAAAA ABABA
BAAAA BABAA