單項選擇題How doTCP SYN attacks take advantage ofTCPto prevent new connections from being established to a host under attack?()

A.These attacks send multiple FIN segments forcing TCP connection release.
B.These attacks fill up a hosts’ listen queue by failing to ACK partially openedTCPconnections.
C.These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D.These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E.These attacks send TCP RST segments in response toconnection SYN+ACK segments forcing SYN retransmissions.





您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題CS-MARS works with which IOS feature to accomplish anomaly detection?()

A. IOS IPS
B. Autosecure
C. CSA
D. Netflow
E. IOS Network Foundation Protection (NFP)
F. IOS Firewall

2.多項選擇題TACACS+ authentication uses whichthree packet types? ()

A. ACCESS REQUEST
B. ACCESS ACCEPT
C. CONTINUE
D. CHALLENGE
E. REPLY
F. START

3.多項選擇題Which two statements are correct about the aaa authentication login default grouptacacs+ localglobal configuration command? ()

A. this login authenticationmethod list is automaticallyapplied to all lines except those that have a named method list explicitly defined
B. If the user fails the TACACS+ authentication then the local database on the router will be used to authenticatethe user
C. if the tacacs+ server fails to respond then the local database on the router will be used to authenticate the user 
D. "login" is the name of the method list being configured
E. if the tacacs+ server is unavailable, authentication will succeed automaticallyby default

4.單項選擇題Which one of the following is NOT a valid RADIUS packet type?()

A. Access-reject
B. Access-response
C. Access-challenge
D. Access-reply
E. Access-accept

5.單項選擇題What are the header sizes for point-to-point and multi-point GRE(also known asmGRE) with tunnel key?()

A. 4 bytes for both
B. 4 bytes, and 8 bytes respectively
C. 8 bytes for both
D. 24 bytes for both

6.單項選擇題Which of the following is an example of a security technology that could be enabled by Netflow?()

A. Anomaly Detection
B. SYN Cookies
C. Application Inspection
D. Content filtering
E. Anti-X Protection
F. Anti Virus

7.單項選擇題What Cisco technology protects against Spanning-Tree Protocol manipulation?()

A. Spanning tree protect
B. Root Guard and BPDU Guard
C. Unicast Reverse Path Forwarding
D. MAC spoof guard
E. Port Security

8.單項選擇題Which is a benefit of implementing RFC 2827?()

A.Prevents DoS from legimate, non-hostile end systems
B.Prevents disruption of "special services", such as Mobile IP
C.Defeats DoS Attacks which employ IPSource Address Spoofing
D.Restricts directed broadcasts at the ingress router
E.Allows DHCP or BOOTP packets to reach the relay agents asappropriate

9.單項選擇題What is true about SYN cookies?()

A. All TCPoptions are supported, such as largewindows.
B. The server can have more than8 unique MSS values.
C. SYN cookies are not implemented as a method of defending against SYN floods.
D. SYN cookies are implemented as a method of defending against SYN floods.

10.單項選擇題Which of these is the best way to provide sender non-repudiation?()

A. pre-sharedkey
B. secure hash
C. SSL
D. RSA signature