單項(xiàng)選擇題How doTCP SYN attacks take advantage ofTCPto prevent new connections from being established to a host under attack?()

A.These attacks send multiple FIN segments forcing TCP connection release.
B.These attacks fill up a hosts’ listen queue by failing to ACK partially openedTCPconnections.
C.These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D.These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E.These attacks send TCP RST segments in response toconnection SYN+ACK segments forcing SYN retransmissions.





您可能感興趣的試卷

你可能感興趣的試題

1.單項(xiàng)選擇題Which ones are the two type of ciphers?()

A. Blocking cipher andnon-blocking cipher
B. CBC cipher and EBC cipher
C. Block cipher and Stream cipher
D. Blocker cipher and Streamer cipher
E. 3DES cipher and AES cipher

2.單項(xiàng)選擇題ASDM on the ASA platform is executed as:()

A. An active-x applicationor a java script application
B. A java script application and a PHP application.
C. A fully compiled .NET framework application
D. A fully operational Visual Basic application
E. A java applet running in the context of your browser or a stand alone application using the java run-timeenvironment

3.多項(xiàng)選擇題Which of the following is true about RADIUSV end or Specific Attribute? ()

A. The RADIUSVendor Specific Attribute type is decimal 26.
B. A radius server that does not understandthevendor-specific information sent by a clientmust reject the authentication request.
C. A vendor can freely choose theVendor-ID it wants to use when implementing Vendor Specific Attributes as long as the same Vendor-ID is used on all of its products.
D. Vendor Specific AttributeMUST include the Length field.
E. In Cisco’s Vendor Specific Attribute implementation, vendor-ID of 1 is commonly referred to as Cisco AV(Attribute Value) pairs.
F. Vendor Specific Attributes use a RADIUS attribute type between 127 and 255.

4.單項(xiàng)選擇題For a router to obtain a certificate from a CA, what is the first stepof the certificate enrollment process?()

A. the router generates a certificate request and forwards it tothe CA
B. the router generates an RSA key pair
C. the router sends its public key to the CA
D. the CA sends its public key to the router
E. the CA verifies the identity of the router
F. the CA generates a certificate request and forwards it to the router

5.單項(xiàng)選擇題Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()

A. Class-Based Policing
B. Control Plane Policing
C. Dual-Rate Policier
D. Single-Rate Policier
E. Class-BasedTraffic Shaper

6.單項(xiàng)選擇題Which Cisco security software product mitigates Day Zero attacks on desktops and servers - stopping known and unknown attacks without requiring reconfigurations or updates on the endpoints?()

A. Cisco Secure Desktop (CSD)
B. NAC Appliance Agent (NAA)
C. Cisco SecurityAgent (CSA)
D. SSLVPN Client (SVC)
E. Cisco TrustAgent (CTA)

7.單項(xiàng)選擇題Which of these is the best way to provide sender non-repudiation?()

A. pre-sharedkey
B. secure hash
C. SSL
D. RSA signature

8.單項(xiàng)選擇題When implementing internet standards you are required to follow RFC’s processes and procedures based onwhat RFC?()

A. RFC 1769 and mere publications
B. Real standards of RFC 1918
C. RFC 1669 real standards andmere publications
D. Real standards and mere publications RFC 1796
E. None of the above

9.單項(xiàng)選擇題In an L2TP voluntary tunneling scenario, the VPDN tunnel is terminated between:()

A. The client and the NAS.
B. The NAS andthe LNS.
C. The NAS and the LAC.
D. The client and the LNS.

10.單項(xiàng)選擇題Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

A. Ensure that a stateful firewall allows only HTTP traffic destined for valid web server IP addresses.
B. Ensure that a firewall has SYN flood and DDoS protection applied specifically for valid web servers.
C. Ensure that your firewall enforces HTTP protocol compliance to ensure that only valid flows are allowed inand outof your network.
D. Ensure that HTTP is always authenticated.
E. Ensure that your web server is in a different zone than your backend servers such as SQL and DNS.

最新試題

Which one of the following is NOT a valid RADIUS packet type?()

題型:?jiǎn)雾?xiàng)選擇題

What Cisco technology protects against Spanning-Tree Protocol manipulation?()

題型:?jiǎn)雾?xiàng)選擇題

Which of these is the best way to provide sender non-repudiation?()

題型:?jiǎn)雾?xiàng)選擇題

Which one of the following is NOT a supported IKE attribute?()

題型:?jiǎn)雾?xiàng)選擇題

Since HTTP is one of the most common protocols used in the internet, what should be done at a firewall level to ensure thatthe protocol is being used correctly? ()

題型:?jiǎn)雾?xiàng)選擇題

When implementing best practices for IP Source Address Spoofing and Defeating Denial of Service Attacks with IP SourceAddress Spoofing, what RFC is commonly usedto protect your network?()

題型:?jiǎn)雾?xiàng)選擇題

When implementing internet standards you are required to follow RFC’s processes and procedures based onwhat RFC?()

題型:?jiǎn)雾?xiàng)選擇題

CSA protects your host by: ()

題型:?jiǎn)雾?xiàng)選擇題

Which of the following is an example of a security technology that could be enabled by Netflow?()

題型:?jiǎn)雾?xiàng)選擇題

Which of the following statements that describe Diffie Hellman Key exchange are correct? ()

題型:多項(xiàng)選擇題