思科网络工程师题库3.docx

《思科网络工程师题库3.docx》由会员分享，可在线阅读，更多相关《思科网络工程师题库3.docx（105页珍藏版）》请在课桌文档上搜索。

1、思科网络工程师题库1-200QlInwhichformofattackisalternateencoding,suchashexadecimalrepresentation,mostoftenobserved?A. SmurfB. distributeddenialofserviceC. cross-sitescriptingD. rootkitexploitAnswer:CExplanation:Crosssitescripting(alsoknownasXSS)occurswhenawebapplicationgathersmaliciousdatafromauser.Thedataisu

2、suallygatheredintheformofahyperlinkwhichcontainsmaliciouscontentwithinit.Theuserwillmostlikelyclickonthislinkfromanotherwebsite,instantmessage,orSimplyjustreadingawebboardoremailmessage.UsuallytheattackerwillencodethemaliciousportionofthelinktothesiteinHEX(orotherencodingmethods)sotherequestislesssu

3、spiciouslookingtotheuserwhenclickedon.Forexamplethecodebelowiswritteninhex:ClickHereisequivalentto:ClickHereNote:Intheformat&#xhhhh,hhhhisthecodepointinhexadecimalform.Q2.WhichflawdoesanattackerleveragewhenexploitingSQLinjectionvulnerabilities?A. userinputvalidationinawebpageorwebapplicationB. Linux

4、andWindowsoperatingsystemsC. databaseD. webpageimagesAnswer:AExplanation:SQLinjectionusuallyoccurswhenyouaskauserforinput,liketheirusemame/userid,buttheusergives(injects)youanSQLstatementthatyouwillunknowinglyrunonyourdatabase.Forexample:Lookatthefollowingexample,whichcreatesaSELECTstatementbyadding

5、avariable(txtllserld)toaselectstring.Thevariableisfetchedfromuserinput(getRequestString):txtllserld=getRequestStng(,Userld);txtSQL=SELECT*FROMUsersWHEREUserld=+txtllserld;Ifuserentersomethinglikethis:100OR1=1thentheSQLstatementwilllooklikethis:SELECT*FROMUsersWHEREUserld=100OR1=1;TheSQLaboveisvalida

6、ndwillreturnALLrowsfromtheUserstable,sinceOR1=1isalwaysTRUE.Ahackermightgetaccesstoalltheusernamesandpasswordsinthisdatabase.Q3.WhichtwopreventiontechniquesareusedtomitigateSQLinjectionattacks?(Choosetwo)A. Checkinteger,float,orBooleanstringparameterstoensureaccuratevalues.B. Usepreparedstatementsan

7、dparameterizedqueries.C. Securetheconnectionbetweenthewebandtheapptier.D. WriteSQLcodeinsteadofusingobject-relationalmappinglibraries.E. BlockSQLcodeexecutioninthewebapplicationdatabaselogin.Answer:ABQ4.Whichtwoendpointmeasuresareusedtominimizethechancesoffallingvictimtophishingandsocialengineeringa

8、ttacks?(Choosetwo)A. Patchforcross-sitescripting.B. Performbackupstotheprivatecloud.C. Protectagainstinputvalidationandcharacterescapesintheendpoint.D. Installaspamandvirusemailfilter.E. Protectsystemswithanup-to-dateantimalwareprogram.AnSWe匚DEExplanation:Phishingattacksarethepracticeofsendingfraudu

9、lentcommunicationsthatappeartocomefromareputablesource.Itisusuallydonethroughemail.Thegoalistostealsensitivedatalikecreditcardandlogininformation,ortoinstallmalwareonthevictimsmachine.Q5.Whichtwomechanismsareusedtocontrolphishingattacks?(Choosetwo)A. Enablebrowseralertsforfraudulentwebsites.B. Defin

10、esecuritygroupmemberships.C. RevokeexpiredCRLofthewebsites.D. Useantispywaresoftware.E. Implementemailfilteringtechniques.Answer:AEQ6.Whichtwobehavioralpatternscharacterizeapingofdeathattack?(Choosetwo)A. Theattackisfragmentedintogroupsof16octetsbeforetransmission.B. Theattackisfragmentedintogroupso

11、f8octetsbeforetransmission.C. ShortsynchronizedburstsoftrafficareusedtodisruptTCPconnections.D. Malformedpacketsareusedtocrashsystems.E. PubliclyaccessibleDNSserversaretypicallyusedtoexecutetheattack.Answer:BDExplanation:PingofDeath(PoD)isatypeofDenialofService(DoS)attackinwhichanattackerattemptstoc

12、rash,destabilize,orfreezethetargetedcomputerorservicebysendingmalformedoroversizedpacketsusingasimplepingcommand.Acorrectly-formedpingpacketistypically56bytesinsize,or64byteswhentheICMPheaderisconsidered,and84includingInternetProtocolversion4header.However,anyIPv4packet(includingpings)maybeaslargeas

13、65,535bytes.SomecomputersystemswereneverdesignedtoproperlyhandleapingpacketlargerthanthemaximumpacketsizebecauseitviolatestheInternetProtocoldocumentedLikeotherlargebutwell-formedpackets,apingofdeathisfragmentedintogroupsof8octetsbeforetransmission.However,whenthetargetcomputerreassemblesthemalforme

14、dpacket,abufferoverflowcanoccur,causingasystemcrashandpotentiallyallowingtheinjectionofmaliciouscode.Q7.Whichtwopreventivemeasuresareusedtocontrolcross-sitescripting?(Choosetwo)A. Enableclient-sidescriptsonaper-domainbasis.B. Incorporatecontextualoutputecodingescaping.C. Disablecookieinspectioninthe

15、HTMLinspectionengine.D. RununtrustedHTMLinputthroughanHTMLsanitizationengine.E. SameSitecookieattributeshouldnotbeused.AnSWe匚ABQ8.Whatisthedifferencebetweendeceptivephishingandspearphishing?A. DeceptivephishingisanattackedaimedataspecificuserintheorganizationwhoholdsaC-Ievelrole.B. Aspearphishingcam

16、paignisaimedataspecificpersonversusagroupofpeople.C. SpearphishingiswhentheattackisaimedattheC-Ievelexecutivesofanorganization.D. DeceptivephishinghijacksandmanipulatestheDNSserverofthevictimandredirectstheusertoafalsewebpage.Answer:BExplanation:Indeceptivephishing,fraudstersimpersonatealegitimateco

17、mpanyinanattempttostealpeoplespersonaldataorlogincredentials.Thoseemailsfrequentlyusethreatsandasenseofurgencytoscareusersintodoingwhattheattackerswant.Spearphishingiscarefullydesignedtogetasinglerecipienttorespond.Criminalsselectanindividualtargetwithinanorganization,usingsocialmediaandotherpublici

18、nformationandcraftafakeemailtailoredforthatperson.Q9.WhichattackiscommonlyassociatedwithCandC+programminglanguages?A. cross-sitescriptingB. waterholingC. DDoSD. bufferoverflowAnswer:DExplanation:Abufferoverflow(orbufferoverrun)occurswhenthevolumeofdataexceedsthestoragecapacityofthememorybuffer.Asare

19、sult,theprogramattemptingtowritethedatatothebufferoverwritesadjacentmemorylocations.BufferoverflowisavulnerabilityinlowlevelcodesofCandC+.Anattackercancausetheprogramtocrash,makedatacorrupt,stealsomeprivateinformationorrunhis/herowncode.Itbasicallymeanstoaccessanybufferoutsideofitsallotedmemoryspace

20、.Thishappensquitefrequentlyinthecaseofarrays.Q10.WhatisalanguageformatdesignedtoexchangethreatintelligencethatcanbetransportedovertheTAXIIprotocol?A. STIXB. XMPPC. pGridD. SMTPAnswer:AExplanation:TAXII(TrustedAutomatedExchangeofIndicatorInformation)isastandardthatprovidesatransportmechanism(dataexch

21、ange)ofcyberthreatintelligenceinformationinSTIX(StructuredThreatInformationeXpression)format.Inotherwords,TAXIIserverscanbeusedtoauthorandexchangeSTIXdocumentsamongparticipants.STIX(StructuredThreatInformationeXpression)isastandardizedlanguagewhichhasbeendevelopedinacollaborativewayinordertorepresen

22、tstructuredinformationaboutcyberthreats.Ithasbeendevelopedsoitcanbeshared,stored,andotherwiseusedinaconsistentmannerthatfacilitatesautomationandhumanassistedanalysis.Qll.WhichtwocapabilitiesdoesTAXIIsupport?(Choosetwo)A. ExchangeB. PullmessagingC. BindingD. CorrelationE. MitigatingAnswer:BCExplanati

23、on:TheTrustedAutomatedeXchangeofIndicatorInformation(TAXII)specifiesmechanismsforexchangingstructuredcyberthreatinformationbetweenpartiesoverthenetwork.TAXIIexiststoprovidespecificcapabilitiestothoseinterestedinsharingstructuredcyberthreatinformation.TAXIICapabilitiesarethehighestlevelatwhichTAXIIac

24、tionscanbedescribed.TherearethreecapabilitiesthatthisversionofTAXIIsupports:pushmessaging,pullmessaging,anddiscovery.Althoughthereisnobindingcapabilityinthelistbutitisthebestanswerhere.Q12.Whichtworisksisacompanyvulnerabletoifitdoesnothaveawell-establishedpatchingsolutionforendpoints?(Choosetwo)A. e

25、xploitsB. ARPspoofingC. denial-of-serviceattacksD. malwareE. eavesdroppingAnswer:ADExplanation:Malwaremeansmalicioussoftware,isanysoftwareintentionallydesignedtocausedamagetoacomputer,server,client,orcomputernetwork.Themostpopulartypesofmalwareincludesviruses,ransomwareandspyware.VirusPossiblythemos

26、tcommontypeofmalware,virusesattachtheirmaliciouscodetocleancodeandwaittoberun.Ransomwareismalicioussoftwarethatinfectsyourcomputeranddisplaysmessagesdemandingafeetobepaidinorderforyoursystemtoworkagain.Spywareisspyingsoftwarethatcansecretlyrecordeverythingyouenter,upload,download,andstoreonyourcompu

27、tersormobiledevices.Spywarealwaystriestokeepitselfhidden.Anexploitisacodethattakesadvantageofasoftwarevulnerabilityorsecurityflaw.Exploitsandmalwarearetworisksforendpointsthatarenotuptodate.ARPspoofingandeavesdroppingareattacksagainstthenetworkwhiledenial-of-serviceattackisbasedonthefloodingofIPpack

28、ets.Q13.WhichPKIenrollmentmethodallowstheusertoseparateauthenticationandenrollmentactionsandalsoprovidesanoptiontospecifyHTTP/TFTPcommandstoperformfileretrievalfromtheserver?A. urlB. terminalC. profileD. selfsignedAnswer:CExplanation:Atrustpointenrollmentmode,whichalsodefinesthetrustpointauthenticat

29、ionmode,canbeperformedvia3mainmethods:1. TerminalEnrollmentmanualmethodofperformingtrustpointauthenticationandcertificateenrolmentusingcopy-pasteintheCLIterminal.2. SCEPEnrollmentTrustpointauthenticationandenrollmentusingSCEPoverHTTP.3. EnrollmentProfileHere,authenticationandenrollmentmethodsaredefi

30、nedseparately.AlongwithterminalandSCEPenrollmentmethods,enrollmentprofilesprovideanoptiontospecifyHTTP/TFTPcommandstoperformfileretrievalfromtheServer,whichisdefinedusinganauthenticationorenrollmenturlundertheprofile.Reference:httpscenussupportdocssecurity-vpnpublic-key-infrastructure-pki211333-IOS-

31、PKI-Deployment-Guide-lnitial-Design.htmlQ14.Whataretworootkittypes?(Choosetwo)A.registryB. virtualC. bootloaderD. usermodeE. buffermodeAnswer:CDExplanation:ThetermrootkitoriginallycomesfromtheUnixworld,wherethewordrootisusedtodescribeauserwiththehighestpossiblelevelofaccessprivileges,similartoanAdmi

32、nistratorinWindows.Thewordkit,referstothesoftwarethatgrantsroot-levelaccesstothemachine.Putthetwotogetherandyougetrootkit,aprogramthatgivessomeonewithlegitimateormaliciousintentionsprivilegedaccesstoacomputer.Therearefourmaintypesofrootkits:Kernelrootkits,Usermoderootkits,Bootloaderrootkits,Memoryro

33、otkitsQ15.Whichformofattackislaunchedusingbotnets?A.日DDe)SB. virusC. DDOSD. TCPfloodAnswer:CExplanation:Abotnetisacollectionofinternet-connecteddevicesinfectedbymalwarethatallowhackerstocontrolthem.Cybercriminalsusebotnetstoinstigatebotnetattacks,whichincludemaliciousactivitiessuchascredentialsleaks

34、,unauthorizedaccess,datatheftandDDoSattacks.Q16.Whichthreatinvolvessoftwarebeingusedtogainunauthorizedaccesstoacomputersystem?A. virusB. NTPamplificationC. pingofdeathD. HKPfloodAnswer:AQ17.Whichtypeofattackissocialengineering?A. trojanB. phishingC. malwareD. MITMAnswer:BExplanation:Phishingisaformo

35、fsocialengineering.Phishingattacksuseemailormaliciouswebsitestosolicitpersonal,oftenfinancial,information.AttackersmaysendemailseeminglyfromareputablecreditcardcompanyOrfinancialinstitutionthatrequestsaccountinformation,oftensuggestingthatthereisaproblem.Q18.WhichtwokeyandblocksizesarevalidforAES?(C

36、hoosetwo)A. 64-bitblocksize,112-bitkeylengthB. 64-bitblocksize,168-bitkeylengthC. 128-bitblocksize,192-bitkeylengthD. 128-bitblocksize,256-bitkeylengthE. 192-bitblocksize,256-bitkeylengthAnswer:CDExplanation:TheAESencryptionalgorithmencryptsanddecryptsdatainblocksof128bits(blocksize).Itcandothisusin

37、g128-bit,192-bit,or256-bitkeysQ19.WhichtwodescriptionsofAESencryptionaretrue?(Choosetwo)A. AESislesssecurethan3DES.B. AESismoresecurethan3DES.C. AEScanusea168-bitkeyforencryption.D. AEScanusea256-bitkeyforencryption.E. AESencryptsanddecryptsakeythreetimesinsequence.Answer:BDQ20.Whichalgorithmprovide

38、sencryptionandauthenticationfordataplanecommunication?A. AES-GCMB. SHA-96C. AES-256D. SHA-384Answer:AExplanation:Thedataplaneofanynetworkisresponsibleforhandlingdatapacketsthataretransportedacrossthenetwork.(Thedataplaneisalsosometimescalledtheforwardingplane.)MaybethisQwantstoaskabouttheencryptiona

39、ndauthenticationinthedataplaneofaSD-WANnetwork(butSD-WANisnotatopicoftheSCOR350-701exam?).IntheCiscoSD-WANnetworkforunicasttraffic,dataplaneencryptionisdonebyAES-256-GCM,asymmetric-keyalgorithmthatusesthesamekeytoencryptoutgoingpacketsandtodecryptincomingpackets.EachrouterperiodicallygeneratesanAESk

40、eyforitsdatapath(specifically,onekeyperTLOC)andtransmitsthiskeytothevSmartcontrollerinOMProutepackets,whicharesimilartoIProuteupdates.Reference:httpscenustddocsrouterssdwanconfigurationsecurityvedgesecurity-book/security-overview.htmlQ21.Ellipticcurvecryptographyisastrongermoreefficientcryptographym

41、ethodmeanttoreplacewhichcurrentencryptiontechnology?A. 3DESB. RSAC. DESD. AESAnswer:BExplanation:ComparedtoRSA,theprevalentpublic-keycryptographyoftheInternettoday,EllipticCurveCryptography(ECC)offerssmallerkeysizes,fastercomputation,aswellasmemory,energyandbandwidthsavingsandisthusbettersuitedforsm

42、alldevices.Q22.WhatistheresultofrunningthecryptoisakmpkeyciscXXXXXXXaddress172.16.0.0command?A.authenticatestheIKEv2peersinthe172.16.0.0/16rangebyusingthekeyciscXXXXXXXXB.authenticatestheIPaddressofthe172.16.0.0/32peerbyusingthekeyciscXXXXXXXXC.authenticatestheIKEvlpeersinthe172.16.0.0/16rangebyusin

43、gthekeyciscXXXXXXXXD.securesallthecertificatesintheIKEexchangebyusingthekeyciscXXXXXXXXAnswer:BExplanation:Thesyntaxofabovecommandis:cryptoisakmpkeyenc-type-digitkeystringaddresspeer-addressmaskipv6ipv6-addressipv6-prefixhostnamehostnameo-xauthThepeer-addressargumentspecifiestheIPorIPv6addressofther

44、emotepeer.Reference:httpscenustddocsios-xmliossecurityalsec-al-cr-booksec-cr-c4.html#wp6039879Q23.WhichtechnologymustbeusedtoimplementsecureVPNconnectivityamongcompanybranchesoveraprivateIPcloudwithany-to-anyscalableconnectivity?A. DMVPNB. FIexVPNC. IPsecDVTID. GETVPNAnswer:DExplanation:CiscosGroupE

45、ncryptedTransportVPN(GETVPN)introducestheconceptofatrustedgrouptoeliminatepoint-to-pointtunnelsandtheirassociatedoverlayrouting.Allgroupmembers(GMs)shareacommonsecurityassociation(SA),alsoknownasagroupSA.ThisenablesGMstodecrypttrafficthatwasencryptedbyanyotherGM.GETVPNprovidesinstantaneouslarge-scal

46、eany-to-anyIPconnectivityusingagroupIPsecsecurityparadigm.Reference:httpscdamenusproductscollateralsecuritygroup-encrypted-transport-vpn/GETVPN_DIG_version_2_0_External.pdfQ24.WhichtwoconditionsareprerequisitesforstatefulfailoverforIPsec?(Choosetwo)A. OnlytheIKEconfigurationthatissetupontheactivedev

47、icemustbeduplicatedonthestandbydevice;theIPsecconfigurationiscopiedautomaticallyB. TheactiveandstandbydevicescanrundifferentversionsoftheCiscoIOSsoftwarebutmustbethesametypeofdevice.C. TheIPsecconfigurationthatissetupontheactivedevicemustbeduplicatedonthestandbydeviceD. OnlytheIPsecconfigurationthatissetupontheactivedevicemustbeduplicatedonthestandbydevice;theIKEconfigurationiscopiedautomatically.E. Theactiveandstandbydevicesmustrunthe