1. The two most common implementations of Intrusion Detection are which of the following?
A. Netware-based and Host-based.
B. Network-based and Guest-based.
C. Network-based and Client-based.
D. Network-based and Host-based.
Answer: D

Trusted security, every moment

2. Which of the following is the least important security service provided by a firewall?
A. Packet filtering
B. Encrypted tunnels
C. Network address translation
D. Proxy services
Answer: B

3. What are the two layers of the OSI/ISO model within which SSL is designed to operate?
A. Application/Presentation layer
B. Application/Session layer
C. Application/Transport
D. Application/Network
Answer: C

4. Which type of attack involves the alteration of a packet at the IP level to convince a system that it is communicating with a known entity in order to gain access to a system?
A. TCP sequence number attack
B. IP spoofing attack
C. Piggybacking attack
D. Teardrop attack
Answer: B

5. Which of the following can best eliminate dial-up access through a Remote Access Server as a hacking vector?
A. Using a TACACS+ server.
B. Installing the Remote Access Server outside the firewall and forcing legitimate users to authenticate to the firewall.
C. Setting modem ring count to at least 5.
D. Only attaching modems to non-networked hosts
Answer: B

6. Which of the following should be used as a replacement for Telnet for secure remote login over an insecure network?
A. S-Telnet
B. SSL
C. Rlogin
D. SSH
Answer: D

7. Which of the following is the primary security feature of a proxy server?
A. Client hiding
B. URL blocking
C. Route blocking
D. Content filtering
Answer: A

8. Which conceptual approach to intrusion detection is characterized by a high rate of false positives?
A. Knowledge-based intrusion detection
B. Statistical analysis-based intrusion detection
C. Host-based intrusion detection
D. Network-based intrusion detection
Answer: B

9. Which of the following protects Kerberos against replay attacks?
A. Tokens
B. Passwords
C. Cryptography
D. Time stamps
Answer: D

10. What is the name of an attack in which the attacker spoofs the source IP address in an ICMP ECHO broadcast packet so that it seems to have originated at the victim's system, in order to flood it with REPLY packets?
A. SYN Flood attack
B. Smurf attack
C. Ping of Death attack
D. Denial of Service (DoS) attack
Answer: B

11. What is the main difference between a Smurf and a Fraggle attack?
A. A Smurf attack is ICMP-based and a Fraggle attack is UDP-based.
B. A Smurf attack is UDP-based and a Fraggle attack is TCP-based.
C. Smurf attack packets cannot be spoofed.
D. A Smurf attack is UDP-based and a Fraggle attack is ICMP-based.
Answer: A

12. Which of the following is true about link encryption?
A. Each entity has a common key with the destination node.
B. Encrypted messages are only decrypted by the final node.
C. This mode does not provide protection if the nodes along the transmission path can be compromised.
D. Only secure nodes are used in this type of transmission
Answer: C

13. Secure Sockets Layer (SSL) provides security services at which layer of the OSI model?
A. Network Layer
B. Transport Layer
C. Session Layer
D. Application Layer
Answer: B

14. A TCP SYN attack:
A. requires a synchronized effort by multiple attackers.
B. takes advantage of the way a TCP session is established.
C. may result in elevation of privileges.
D. is not something system users would notice
Answer: B

15. Which of the following protocols is designed to send individual messages securely?
A. Kerberos
B. Secure Electronic Transaction (SET).
C. Secure Sockets Layer (SSL).
D. Secure HTTP (S-HTTP).
Answer: D

16. Which of the following provide network redundancy in a local network environment?
A. Mirroring
B. Shadowing
C. Dual backbones
D. Duplexing
Answer: C

17. Which one of the following is not a benefit resulting from the use of firewalls?
A. reduces the risks from malicious hackers
B. prevents the spread of viruses
C. reduces the threat level on internal systems
D. allows centralized management and control of services
Answer: B

18. In an SSL session between a client and a server, who is responsible for generating the master secret that will be used as a seed to generate the symmetric keys that will be used during the session?
A. Both client and server
B. The client's browser
C. The web server
D. The merchant's Certificate Server
Answer: B

19. Which of the following is not a component of IPSec?
A. Authentication Header
B. Encapsulating Security Payload
C. Key Distribution Center
D. Internet Key Exchange
Answer: C

20. Lower Layers (Physical, Link, Network, Transport) are unable to protect against what kind of attacks?
A. Piggy Back Attacks
B. Brute Force
C. Denial of Service Attacks
D. Content Based Attacks
Answer: D

21. What mechanism is used to obtain an IP address from a MAC address?
A. Reverse address resolution protocol (RARP)
B. Address resolution protocol (ARP)
C. Data link layer
D. Network address translation (NAT)
Answer: A

22. Encapsulating Security Payload (ESP) authentication capabilities are limited due to:
A. Non-inclusion of IP header information in authentication process
B. Because it is designed only for confidentiality
C. Because ESP provides payload padding and this changes authentication parameters
D. Rule-based Access control
Answer: A

23. Which of the following backup methods must be made regardless of whether Differential or Incremental methods are used?
A. Full Backup Method.
B. Incremental backup method.
C. Supplemental backup method.
D. Tape backup method.
Answer: A

24. Which of the following statements pertaining to incident response is correct?
A. As Computer Emergency Response Team (CERT) is copyrighted, Computer Incident Response Team (CIRT) is more often used.
B. As Computer Incident Response Team (CIRT) is copyrighted, Computer Emergency Response Team (CERT) is more often used.
C. Computer Incident Response Team (CIRT) and Computer Emergency Response Team (CERT) are used interchangeably.
D. Computer Incident Management Team (CIMT) is sometimes used, but Computer Emergency Response Team (CERT) should be preferred.
Answer: A

25. What is NOT true of pre-shared key authentication within the IKE/IPsec protocol?
A. Pre-shared key authentication is normally based on simple passwords
B. Needs a PKI to work
C. Only one pre-shared key for all VPN connections is needed
D. Costly key management on large user groups
Answer: B