單項選擇題How doTCP SYN attacks take advantage ofTCPto prevent new connections from being established to a host under attack?()

A.These attacks send multiple FIN segments forcing TCP connection release.
B.These attacks fill up a hosts’ listen queue by failing to ACK partially openedTCPconnections.
C.These attacks take advantage of the hosts transmit backoff algorithm by sending jam signals to the host.
D.These attacks increment the ISN of each segment by a random number causing constant TCP retransmissions.
E.These attacks send TCP RST segments in response toconnection SYN+ACK segments forcing SYN retransmissions.





您可能感興趣的試卷

你可能感興趣的試題

1.單項選擇題Which one of the following is NOT a supported IKE attribute?()

A. PFS group.
B. Encryption algorithm.
C. Hashing Algorithm.
D. Authenticationmethod.
E. Lifetime duration.

2.多項選擇題Select the two correctstatements from the list below that describe DES and 3DES: ()

A. 3DES is muchmore secure than DES.
B. Both DES and 3DES are stream ciphers.
C. DES uses 64 bitkeys, although the effective key lengthis only 56bits.
D. The decryption operation for both DES and 3DES is the same as the encryption operation.
E. DES can only be used for encryption, whereas 3DES can also be used for authentication.

4.單項選擇題What group in Cisco IOS does 1536-bit Diffie-Hellman prime modulus equivalent too?()

A. group 3
B. group 1
C. group 5
D. group 7

5.單項選擇題Which one of the following is NOT a valid RADIUS packet type?()

A. Access-reject
B. Access-response
C. Access-challenge
D. Access-reply
E. Access-accept

6.單項選擇題Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()

A. Class-Based Policing
B. Control Plane Policing
C. Dual-Rate Policier
D. Single-Rate Policier
E. Class-BasedTraffic Shaper

7.多項選擇題Which of the following is true about RADIUSV end or Specific Attribute? ()

A. The RADIUSVendor Specific Attribute type is decimal 26.
B. A radius server that does not understandthevendor-specific information sent by a clientmust reject the authentication request.
C. A vendor can freely choose theVendor-ID it wants to use when implementing Vendor Specific Attributes as long as the same Vendor-ID is used on all of its products.
D. Vendor Specific AttributeMUST include the Length field.
E. In Cisco’s Vendor Specific Attribute implementation, vendor-ID of 1 is commonly referred to as Cisco AV(Attribute Value) pairs.
F. Vendor Specific Attributes use a RADIUS attribute type between 127 and 255.

8.多項選擇題TACACS+ authentication uses whichthree packet types? ()

A. ACCESS REQUEST
B. ACCESS ACCEPT
C. CONTINUE
D. CHALLENGE
E. REPLY
F. START

9.單項選擇題What is true about SYN cookies?()

A. All TCPoptions are supported, such as largewindows.
B. The server can have more than8 unique MSS values.
C. SYN cookies are not implemented as a method of defending against SYN floods.
D. SYN cookies are implemented as a method of defending against SYN floods.

最新試題

Which statements are true concerning NAT? ()

題型:多項選擇題

Which two statements are correct about the aaa authentication login default grouptacacs+ localglobal configuration command? ()

題型:多項選擇題

Which IOS QoS mechanism is used strictly to rate limit traffic destinedto the router itself?()

題型:單項選擇題

Which one of the following is NOT a valid RADIUS packet type?()

題型:單項選擇題

CS-MARS works with which IOS feature to accomplish anomaly detection?()

題型:單項選擇題

Which ones are the two type of ciphers?()

題型:單項選擇題

What is true about SYN cookies?()

題型:單項選擇題

Which SSL protocol takes anapplication message tobe transmitted, fragments the datainto manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds a header, and transmits the resulting unit ina TCPsegment?()

題型:單項選擇題

In an L2TP voluntary tunneling scenario, the VPDN tunnel is terminated between:()

題型:單項選擇題

Of the threats discussed below, what is the main advantage of using Cisco Secure Desktop which is part of the Cisco ASA VPN solution?()

題型:單項選擇題