An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()A、DoSB、SYN floodC、port scanningD、IP address sweep
An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()
- A、DoS
- B、SYN flood
- C、port scanning
- D、IP address sweep
相关考题:
Grabbing Weinstein ______the jaw,the attacker told her he had a gun and forced her into her car.A. withB. toC. inD. by
She was able to () her attacker and reported him immediately to the police nearby. A、identifyB、knowC、realizeD、regard
Within IS-IS, the restart helper performs which task?() A. It sends CSNPs to the restarting router.B. It periodically sends TLV 211 to the restarting router.C. It informs other routers in the domain that a router has restarted.D. It tears down adjacency and sends its entire database after 30 seconds.
How does the PFE handle unicast transit traffic destined for an existing forwarding table entry?() A. It sends the traffic through one egress port toward its destinationB. It sends the traffic through multiple egress ports to all available receiversC. It sends the traffic through an internal link to the RED. It sends the traffic to the local system for further processing
There are different ways to perform IP based DoS Attacks. The most common IP based DoS attack is that an attacker sends an extensive amount of connection establishment( )(e.g. TCP SYN requests) to establish hanging connections with the controller or a DPS. Such a way, the attacker can consume the network resources which should be available for legitimate users. In other( ), the attacker inserts a large amount of( )packets to the data plane by spoofing all or part of the header fields with random values. These incoming packets will trigger table-misses and send lots of packet-in flow request messages to the network controller to saturate the controller resources. In some cases, an( )who gains access to DPS can artificially generate lots of random packet-in flow request messages to saturate the control channel and the controller resources. Moreover, the lack of diversity among DPSs fuels fuels the fast propagation of such attacks.Legacy?mobile backhaul devices are inherently protected against the propagation of attacks due to complex and vendor specific equipment. Moreover, legacy backhaul devices do not require frequent communication with core control devices in a manner similar to DPSs communicating with the centralized controller. These features minimize both the impact and propagation of DoS attacks. Moreover, the legacy backhaul devices are controlled as a joint effort of multiple network element. For instance, a single Long Term Evilution(LTE)eNodeB ?is connected up to 32 MMEs. Therefore, DoS/DDoS attack on a single core element will not terminate the entire operation of a backhaul device(请作答此空)the network.A. orB. ofC. in D .to
There are different ways to perform IP based DoS Attacks. The most common IP based DoS attack is that an attacker sends an extensive amount of connection establishment( )(e.g. TCP SYN requests) to establish hanging connections with the controller or a DPS. Such a way, the attacker can consume the network resources which should be available for legitimate users. In other( ), the attacker inserts a large amount of( )packets to the data plane by spoofing all or part of the header fields with random values. These incoming packets will trigger table-misses and send lots of packet-in flow request messages to the network controller to saturate the controller resources. In some cases, an(请作答此空)who gains access to DPS can artificially generate lots of random packet-in flow request messages to saturate the control channel and the controller resources. Moreover, the lack of diversity among DPSs fuels fuels the fast propagation of such attacks.Legacy?mobile backhaul devices are inherently protected against the propagation of attacks due to complex and vendor specific equipment. Moreover, legacy backhaul devices do not require frequent communication with core control devices in a manner similar to DPSs communicating with the centralized controller. These features minimize both the impact and propagation of DoS attacks. Moreover, the legacy backhaul devices are controlled as a joint effort of multiple network element. For instance, a single Long Term Evilution(LTE)eNodeB ?is connected up to 32 MMEs. Therefore, DoS/DDoS attack on a single core element will not terminate the entire operation of a backhaul device()the network.A. orB. administratorC. editorD. attacker
There are different ways to perform IP based DoS Attacks.The most common IP based DoS attack is that an attacker sends an extensive amount of connection establishment(71)(e.g.TCP SYN requests)to establish hanging connections with the controller or a DPS.Such a way,the attacker can consume the network resources which should be available for legitimate users.In other(72),the attacker inserts a large amount of(73)packets to the data plane by spoofing all or part of the header fields with random values.These incoming packets will trigger table-misses and send lots of packet-in flow request messages to the network controller to saturate the controller resources.In some cases,an(本题)who gains access to DPS can artificially generate lots of random packet-in flow request messages to saturate the control channel and the controller resources.Moreover,the lack of diversity among DPSs fuels fuels the fast propagation of such attacks.Legacy mobile backhaul devices are inherently protected against the propagation of attacks due to complex and vendor specific equipment.Moreover,legacy backhaul devices do not require frequent communication with core control devices in a manner similar to DPSs communicating with the centralized controller.These features minimize both the impact and propagation of DoS attacks.Moreover,the legacy backhaul devices are controlled as a joint effort of multiple network element.For instance,a single Long Term Evilution(LTE)eNodeB is connected up to 32 MMEs.Therefore,DoS/DDoS attack on a single core element will not terminate the entire operation of a backhaul device(75)the network.A.orB.administratorC.editorD.attacker
Which of the following types of attacks does DHCP snooping prevent?(Choose all that apply.)()A、Attacker sends multiple DHCP requests flooding DHCP serverB、Attacker connects rogue server initiating DHCP requestsC、Attacker connects rogue server replying to DHCP requestsD、Attacker sends DHCP jam signal causing DHCP server to crashE、Attacker sends gratuitous ARP replies, thereby jamming the DHCP serverF、Attacker sends unsolicited DHCP replies, thereby jamming the DHCP server
Which action does the ping 172.18.1.1 size 5 command perform?()A、It sends only five ping requests to the 172.18.1.1 destination.B、It sends a continuous ping with a packet length of five bytes to the 172.18.1.1 destination.C、It sends five rapid ping requests to the 172.18.1.1 destination.D、It sends a continuous rapid ping with a packet length of five bytes to the 172.18.1.1 destination.
How does the PFE handle unicast transit traffic destined for an existing forwarding table entry?()A、It sends the traffic through one egress port toward its destinationB、It sends the traffic through multiple egress ports to all available receiversC、It sends the traffic through an internal link to the RED、It sends the traffic to the local system for further processing
The CS-MARS appliance offers attackmitigatons using which twomethods? ()A、 Automatically pushing ACLs to layer 3 devices to block the attacker’s trafficB、 Automatically pushing commands to layer 2 switches to shutdown the attacker’s portsC、 Automatically resetting the attacker’sTCP connectionsD、 RecommendingACLs tobe manuallypushed tolayer 3 devices such as routers/firewallsE、 Operating as an inline appliance, it automaticallyblocks malicious traffic inlineF、 Working inconjuction with CSM to block the attacker’s traffic inline
Which of the following are not steps in setting up aTLS session? ()A、 Client sends Hello to Server listing all of its supported cipher suitesB、 Server sends Hello to Client listing all of its supported cipher suitesC、 Client calculates and sends encryptedpre_master_secretD、 Client and Server calculate keys from pre_master_secretE、 Server sends Change Cipher Spec to indicate a shift to encrypted mode
Which of the following would an attacker use to footprint a system?()A、RADIUSB、Password crackerC、Port scannerD、Man-in-the-middle attack
Within IS-IS, the restart helper performs which task?()A、It sends CSNPs to the restarting router.B、It periodically sends TLV 211 to the restarting router.C、It informs other routers in the domain that a router has restarted.D、It tears down adjacency and sends its entire database after 30 seconds.
Which two statements regarding asymmetric key encryption are true?()A、The same key is used for encryption and decryption.B、It is commonly used to create digital certificate signatures.C、It uses two keys: one for encryption and a different key for decryption.D、An attacker can decrypt data if the attacker captures the key used for encryption
多选题Which of the following types of attacks does DHCP snooping prevent?(Choose all that apply.)()AAttacker sends multiple DHCP requests flooding DHCP serverBAttacker connects rogue server initiating DHCP requestsCAttacker connects rogue server replying to DHCP requestsDAttacker sends DHCP jam signal causing DHCP server to crashEAttacker sends gratuitous ARP replies, thereby jamming the DHCP serverFAttacker sends unsolicited DHCP replies, thereby jamming the DHCP server
单选题Which of the following are not steps in setting up aTLS session? ()A Client sends Hello to Server listing all of its supported cipher suitesB Server sends Hello to Client listing all of its supported cipher suitesC Client calculates and sends encryptedpre_master_secretD Client and Server calculate keys from pre_master_secretE Server sends Change Cipher Spec to indicate a shift to encrypted mode
单选题An attacker sends a low rate of TCP SYN segments to hosts, hoping that at least one port replies. Which type of an attack does this scenario describe?()ADoSBSYN floodCport scanningDIP address sweep
多选题Which two statements regarding asymmetric key encryption are true?()AThe same key is used for encryption and decryption.BIt is commonly used to create digital certificate signatures.CIt uses two keys: one for encryption and a different key for decryption.DAn attacker can decrypt data if the attacker captures the key used for encryption
多选题Which three steps are part of the PPP CHAP 3-way handshake?()AThe caller sends a challenge to the authenticator.BThe authenticator sends a challenge to the caller.CThe caller encrypts the challenge using a secret.DThe caller sends a success message to the authenticator.EThe authenticator encrypts the challenge using a secret.
多选题The CS-MARS appliance offers attackmitigatons using which twomethods? ()AAutomatically pushing ACLs to layer 3 devices to block the attacker’s trafficBAutomatically pushing commands to layer 2 switches to shutdown the attacker’s portsCAutomatically resetting the attacker’sTCP connectionsDRecommendingACLs tobe manuallypushed tolayer 3 devices such as routers/firewallsEOperating as an inline appliance, it automaticallyblocks malicious traffic inlineFWorking inconjuction with CSM to block the attacker’s traffic inline
单选题Within IS-IS, the restart helper performs which task?()AIt sends CSNPs to the restarting router.BIt periodically sends TLV 211 to the restarting router.CIt informs other routers in the domain that a router has restarted.DIt tears down adjacency and sends its entire database after 30 seconds.
单选题Which process occurs first during the Ethernet Discovery Stage process for a PPPoE service offering?()AThe ERX router sends an Active Discovery Offer message.BThe ERX router sends an Active Discovery Initiation message.CThe customer device sends an Active Discovery Offer message.DThe customer device sends an Active Discovery Initiation message
单选题A MAC address flood attack is occurring on the LAN. During this attack, numerous frames areforwarded to a switch which causes the CAM table to fill to capacity. How does this action benefitthe attacker?()AAll traffic is tagged with a specific VLAN ID from the VLAN of the attacker and is now viewableBClients will forward packets to the attacking device, which will in turn send them to the desireddestination but not before recording the traffic patternsCAll traffic is redirected to the VLAN that the attacker used to flood the CAM tableDAll traffic is flooded out all ports and an attacker is able to capture all dataENone of the other alternatives apply
多选题Which two statements regarding symmetric key encryption are true?() (Choose two.)AThe same key is used for encryption and decryption.BIt is commonly used to create digital certificate signatures.CIt uses two keys: one for encryption and a different key for decryption.DAn attacker can decrypt data if the attacker captures the key used for encryption.
单选题Which set of statements describes the correct order and process of a Company wireless user client associating with a wireless access point in the Company network? ()A 1. Access point sends probe request .2. Client sends probe response.3. Client initiates association.4. Access point accepts association.5. Client adds access point MAC address to association table.B 1. Client sends probe request.2. Access point sends probe response.3. Client initiates association.4. Access point accepts association.5. Access point adds client MAC address to association table.C 1. Client sends probe request.2. Access point sends probe response.3. Access point initiates association.4. Client accepts association.5. Access point adds client MAC address to association table.D 1. Access point sends probe request .2. Client sends probe response.3. Client initiates association.4. Access point accepts association.5. Access point adds client MAC address to association table.E 1. Client sends probe request.2. Access point sends probe response.3. Client initiates association.4. Access point accepts association.5. Client adds access point MAC address to association table.F None of the other alternatives apply.