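[Single choice]
A defense against cross-site scripting (XSS) attacks is ___
A. Perform reliable input validation on user-submitted content, including URLs, search keywords, POST data, etc.
B. Allow only legitimate characters to be used
C. Accept only characters that fall within the specified range and use the proper format; block, filter, or ignore everything else
D. All of A, B, and C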
Answer
D
Explanation
No explanation available
Related questions
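[Single choice]
If an attacker successfully exploits an XSS attack, it can lead to ___
A. The attacker can use this attack to collect website user information and perform session hijacking
B. It can lead to a denial-of-service attack
C. It can be combined with browser vulnerabilities
D. All of A, B, and C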
[Single choice]
The format used in SQL injection is ___
A. link++variable name=number
B. link+variable name=number
C. link++variable name
D. link+
[Single choice]
In SQL injection, the statement used to guess the length of the username is ___
A. and exists(select id from admin where id<100)
B. and exists(select * from admin)
C. and exists(select id from admin where len(username)=5 and id=1
D. select * from admin
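[Single choice]
What should be done first in an SQL injection attack? ___
A. Guess the administrator account table
B. Look for possible SQL injection points
C. Test whether an SQL injection vulnerability exists
D. Guess the fields in the administrator table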
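[Single choice]
Defenses against SQL injection attacks ___
A. Strictly filter user-submitted data and input parameters
B. Use precompiled SQL statements
C. Use the database's built-in stored procedures
D. All of A, B, and C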
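[Single choice]
Which of the following is NOT a security problem that poses a major risk to web applications? ___
A. Access control flaws
B. Parameter validation
C. Cross-site scripting vulnerabilities
D. Command injection vulnerabilities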
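[Single choice]
Which statement about spoofing attacks is incorrect? ___
A. IP spoofing: using another computer's IP address to trick a host into a connection, in order to obtain information or privileges
B. ARP spoofing: only exploits flaws in the ARP protocol to disguise oneself as a man-in-the-middle, obtaining part of the information packets within the LAN
C. Email spoofing: deception that uses a disguised or false email sender address
D. DNS spoofing: deception carried out during the translation between domain names and IP addresses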
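[Single choice]
Completing a session hijacking attack usually requires the following five steps. Which order is correct? ___
A. Find the attack target, guess the sequence number, confirm the active session, take the client host offline, take over the session
B. Find the attack target, confirm the active session, guess the sequence number, take the client host offline, take over the session
C. Find the attack target, guess the sequence number, take over the session, take the client host offline, confirm the active session
D. Find the attack target, confirm the active session, take the client host offline, guess the sequence number, take over the session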
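[Single choice]
When configuring a DNS server, the points to pay attention to do NOT include ___
A. Not restricting dynamic updates
B. Using a layered DNS architecture
C. Disabling the DNS server's recursion function
D. Using the latest version of the DNS server software and installing patches promptly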
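[Single choice]
Which description of Web spoofing is incorrect? ___
A. The attacker cannot fully intercept and use this information
B. The attacker can modify the victim's confirmation data
C. The attacker can cause damage by modifying the data of either the victim or the Web server
D. The attacker can obtain the user's account and password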
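[Single choice]
Which of the following is NOT a method of defending against Web spoofing? ___
A. Disable JavaScript, ActiveX, or any other scripting language that executes locally
B. Make sure the application is valid and tracks users properly
C. Configure the web browser so that it always displays the current URL, but without needing to check it often
D. Cultivate the user's good habit of paying attention to the URL displayed in the browser's address bar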
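[Single choice]
The three basic IP spoofing techniques include: ___
A. Simple IP address change, DDoS (distributed denial-of-service) attack, exploiting trust relationships in UNIX systems
B. Simple IP address change, using source routing to intercept packets, DDoS (distributed denial-of-service) attack
C. Simple IP address change, using source routing to intercept packets, exploiting trust relationships in UNIX systems
D. DDoS (distributed denial-of-service) attack, using source routing to intercept packets, exploiting trust relationships in UNIX systems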
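[Single choice]
If you fall victim to an ARP spoofing attack, the main countermeasures are ___
A. MAC address binding
B. Using a static ARP cache
C. Using ARP spoofing protection software, such as an ARP firewall
D. All of the above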
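[Single choice]
The source routing mechanism works through the source route option field in the IP packet header. It allows the sender of a packet to set, in this option, the list of routes that the packets returned by the receiver must pass through. It includes two types: ___
A. Loose source routing
B. Strict source routing
C. None of the above
D. All of the above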
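[Single choice]
Which three major parts make up mail system transmission? ___
A. User agent, transfer agent, delivery agent
B. User agent, host agent, delivery agent
C. User agent, transfer agent, host agent
D. Transfer agent, host agent, delivery agent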
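[Single choice]
Defenses against trust relationship spoofing include ___
A. Not using trust relationships
B. Limiting the people who have trust relationships
C. Controlling the number of machines that establish trust relationships
D. All of the above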
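[Single choice]
Classified by how the vulnerability is exploited, DoS attacks can be divided into ___
A. Specific resource consumption and brute-force attack types
B. Fixed rate and variable rate
C. System or program crash and service degradation types
D. Specific resource consumption and service degradation types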
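[Single choice]
Which of the following is NOT a means of carrying out a DoS attack? ___
A. Abusing legitimate service requests
B. Generating low-volume useless data
C. Exploiting vulnerabilities in service programs
D. All of the above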
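[Single choice]
Which of the following is NOT a vulnerability that DoS attacks usually exploit? ___
A. Vulnerabilities in transport protocols
B. Vulnerabilities present in the system
C. Vulnerabilities in junk files
D. Vulnerabilities in services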
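[Single choice]
On the Internet, so that data can be reassembled correctly after reaching the destination host, each IP fragment carries which of the following information? ___
A. IP fragment identification number
B. Fragment data length
C. Fragment flag bits
D. All of the above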
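[Single choice]
Among the following typical DoS attack techniques, which one uses ICMP Echo request packets to carry out the attack? ___
A. Fraggle attack
B. Smurf attack
C. SYN flood
D. Teardrop (fragmentation attack)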
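[Single choice]
The SYN flood DoS attack exploits ___ to carry out the attack.
A. Other networks
B. Problems in the communication handshake process
C. Intermediate proxies
D. None of the above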
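[Single choice]
Whether it is a DoS attack or a DDoS attack, both ___
A. Attack the bandwidth and connectivity of the target server
B. Are distributed denial-of-service attacks
C. Use one's own computer to attack the target
D. Form an attack group and attack the target at the same moment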
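[Single choice]
Which of the following descriptions of the Smurf attack is correct? ___
A. The attacker's ultimate goal is to obtain an account on the target computer
B. It does not rely on a large number of networks with security vulnerabilities as amplifiers
C. It is an attack in the form of accepting service
D. It uses the TCP/IP protocols to carry out the attack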
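[Single choice]
When an attacker carries out a denial-of-service attack, the aim is in fact to make the server produce the following effects, except ___.
A. Forcing the server's buffers to fill up so that it accepts no new requests
B. Large amounts of junk files occupying memory
C. Using IP spoofing
D. Forcing the server to reset legitimate users' connections, affecting those connections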
[Single choice]
Among the following, a DDoS attack undermines ___
A. Availability
B. Confidentiality
C. Integrity
D. Authenticity
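[Single choice]
What is network eavesdropping technology also called? ___
A. Network technology
B. Network detective technology
C. Network sniffing technology
D. Network probing technology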
[Single choice]
What are the operating modes of a network card? ___
A. Broadcast
B. Multicast
C. Live broadcast
D. All of the above
[Single choice]
Sniffer means ___
A. Network surveillance
B. Network eavesdropping
C. Network emotion
D. Network announcement
[Single choice]
Is network eavesdropping divided into two kinds, software and hardware? ___
A. No
B. Incorrect
C. Yes
D. Not really
[Single choice]
What is a switch also called? ___
A. Switching device
B. Time machine
C. Router
D. Message in a bottle
[Single choice]
On what basis does a shared LAN send data? ___
A. Advertising
B. Broadcast
C. Recording
D. Music
[Single choice]
How many kinds of information filtering are there? ___
A. 4
B. 3
C. 2
D. 1
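[Single choice]
To defend against eavesdropping on a switched network, what must be prevented? ___
A. Prevent ARP
B. Mainly prevent ARP spoofing and ARP overload
C. Prevent APP
D. Prevent ARP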
[Single choice]
For developers, the network card driver and the BPF capture mechanism are ___
A. Transparent
B. Blocked
C. Closed
D. Vague
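[Single choice]
A host in eavesdropping mode can capture the ___ sent by other hosts on the same network segment.
A. Data cards
B. Data packets
C. Data structures
D. Databases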
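[Single choice]
Why are network scanners needed? ___
A. Because of the rapid development of network technology, the rapid growth of network scale, and the increasing complexity of computer systems, new system vulnerabilities keep emerging
B. Because of negligence or lack of experience on the part of system administrators, old vulnerabilities still exist
C. Many people, out of curiosity or with ulterior motives, constantly pry into online resources
D. All of the above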
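[Single choice]
The main functions of a network scanner ___
A. Identify the state of the target host's ports (listening/closed)
B. Identify the type and version of the target host's operating system
C. Generate a scan result report
D. All of the above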
[Single choice]
Which of the following is NOT a scan type? ___
A. Ping scan
B. Microscope scan
C. Port scan
D. Vulnerability scan
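[Single choice]
Which of the following is NOT a characteristic of TCP? ___
A. Improves reliability through sequence numbers and acknowledgment numbers
B. Sends data in units of bytes
C. Connection management: three-way handshake, four-way teardown
D. Congestion control
Recommended questions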
[Single choice]
Which vSphere 6.x feature will allow an organization to utilize native snapshots?___
A. Virtual Volumes
B. Virtual SAN
C. VMFS3
D. VMFS5
[Single choice]
An administrator is creating a new vSphere Distributed Switch that will be utilized with a specific vSphere Cluster. The cluster itself contains a mix of ESXi 5.x and 6.x Hosts. Which Distributed Switch version should be created to support this configuration?___
A. Distributed Switch: 6.0.0
B. Distributed Switch: 5.0.0
C. Distributed Switch: 5.1.0
D. Distributed Switch: 5.5.0
[Single choice]
Which load balancing policy, previously limited to vSphere Distributed Switches, is now available on vSphere Standard Switches with vSphere 6.x?___
A. Route based on physical NIC workload
B. Route based on IP Hash
C. Route based on the originating virtual port
D. Route based on Source MAC Hash
[Single choice]
A storage administrator is not seeing full utilization of all bandwidth from an ESXi host. The vSphere administrator observes the adapter details, as shown in the Exhibit. What is the probable cause of this issue?___
A. Another path needs to be used to allow full utilization of the bandwidth.
B. The array is not setup to use the correct multipathing policy.
C. There are no virtual machines on the host.
D. No traffic is being sent across it because a path failed.
[Single choice]
An administrator has just completed performing an interactive installation of ESXi 6.x and is booting the host. How is the network initially configured?___
A. The network is configured by Automatic Private IP Addressing (APIPA).
B. The network is configured based on the settings detected in DNS.
C. The network is configured with the address as specified in the installer.
D. The network is automatically configured by DHCP.
[Single choice]
You have just installed an ESXi 6.x Host. As part of your company security regulations, a security banner must be presented on the console of the host. How can this action be accomplished?___
A. Configure the Advanced Settings > Annotations screen of the ESXi host.
B. This is configured from the Direct Console User Interface configuration menu.
C. It is not possible to configure a security banner for the ESXi host.
D. From vCenter Server, this setting is configured globally in the vCenter Server configuration.
[Single choice]
An administrator is only able to see the Health Badge when using the vRealize Operations user interface. What is the likely cause of this behavior?___
A. The vRealize Operations Foundation License is in use.
B. The vmware-sps service failed to start.
C. The vRealize Operations Standard License is in use.
D. The vmware-rbd-watchdog service failed to start.
[Single choice]
An administrator has configured an alarm to be notified when a virtual machine meets either of these conditions: high virtual CPU; high active memory consumption. The alarm is only triggering when both of the conditions are met. What can be done to correct the alarm behavior?___
A. Edit the alarm and select Trigger if ANY of the following conditions are satisfied.
B. Edit the alarm and select Trigger if ALL of the following conditions are satisfied.
C. Create two separate alarms, one for CPU and one for memory and link them together with ESXCLI.
D. Delete the existing alarm and create a new event based alarm.
[Single choice]
An administrator creates an ESXi cluster using vSphere Auto Deploy. The ESXi hosts are configured to get a management IP address from a DHCP server. The administrator needs to troubleshoot the management network on one of the hosts. Which DCUI option should the administrator use to renew the DHCP lease? ___
A. Restart Management Network
B. Restore Network Settings
C. Test Management Network
D. Configure Management Network
[Single choice]
An administrator is attempting to restore a number of files in a directory within the Operating System of a virtual machine. How can the administrator restore the files from a previous backup? ___
A. Use the File Level Restore option from the selected backup of the virtual machine in the vSphere Web Client.
B. Connect to the File Level Restore tool from a web browser in the virtual machine.
C. Connect to the File Level Restore tool from the VMware Data Protection appliance.
[Single choice]
After selecting an object in vRealize Operations, how can a user compare the badge values of related child objects? ___
A. Use the Scoreboard tab
B. Use the Relationship tab
C. Use the Members tab
D. Use the Overview tab
[Single choice]
You want to deploy a vApp and dynamically assign IP addresses without a DHCP server on the network. Which action would you take to accomplish this task? ___
A. Enable IP pools.
B. Configure a local DHCP server in the vApp.
C. Enable NAT on the vApp router.
D. Configure the guest OS for workgroup and WINS.
[Single choice]
What is the optimal configuration when building a virtual machine for a single-threaded Windows application? ___
A. Deploy single-threaded applications on uniprocessor virtual machines.
B. Deploy single-threaded applications on symmetric multi-processor virtual machines.
C. Tune single-threaded applications to take advantage of symmetric multi-processor resources.
D. Tune Single-threaded applications at the hypervisor level.
[Single choice]
An administrator has created the resource pool configuration shown in the Exhibit. Based on the exhibit, which virtual machine(s) can be successfully powered on? ___
A. VM-M1 only
B. VM-K1 only
C. VM-K1 and VM-K2 only
D. VM-K1, VM-K2, and VM-M1
[Single choice]
Which vSphere 6 Enterprise Edition feature will allow an organization to ensure that critical multi-threaded applications have the maximum possible uptime? ___
A. Fault Tolerance
B. High Availability
C. Distributed Resource Scheduler
D. App HA
[Single choice]
An administrator has a virtual machine that requires four times the compute resources than other virtual machines on the same ESXi 6.x host. How should the administrator configure the virtual machine settings, in order to be prepared for any resource contention? ___
A. Set the shares of the priority virtual machine to High and the rest to Low.
B. Set the shares of the priority virtual machine to High.
C. Set the shares of the priority virtual machine to High and the rest to Normal.
D. Set the shares of the priority virtual machine to Normal and the rest to Low.
[Single choice]
Which type of Adapter does not require vmkernel networking? ___
A. Independent Hardware iSCSI Adapter
B. Dependent Hardware iSCSI Adapter
C. Software iSCSI Adapter
D. Software FCoE Adapter
[Single choice]
During the installation of ESXi 6.0, the following error message is reported: Hardware Virtualization is not a feature of the CPU, or is not enabled in the BIOS. Which condition would generate this message? ___
A. LAHF/SAHF is not enabled in the BIOS.
B. NX/XD is not enabled in the BIOS.
C. SSE3 is not enabled in the BIOS.
D. Hyperthreading is not enabled in the BIOS.
[Single choice]
An administrator is unable to login to vCenter Server when using the vSphere web client. The administrator successfully accessed vCenter Server using the client earlier the same day. What is the most appropriate first step the administrator should take to resolve this issue? ___
A. Verify the web browser being used has Adobe Flash plugin version 11.5 or later
B. Verify the vCenter Single Sign-On service is running on the vCenter Server
C. Verify the vSphere Web Server service is running on the vCenter Server
D. Verify the administrator has permissions configured in vCenter Server
[Single choice]
An administrator has configured an alarm to be notified when a virtual machine meets two conditions: high virtual CPU; high active memory consumption. The alarm is malfunctioning and triggering when either condition is met instead of both. What can be done to correct the issue? ___
A. Edit the alarm and select Trigger if ALL of the following conditions are satisfied.
B. Edit the alarm and select Trigger if ANY of the following conditions are satisfied.
C. Create two separate alarms, one for CPU and one for memory.
D. Delete the existing alarm and create a new event based alarm.
[Single choice]
What must be enabled to ensure that VM Component Protection (VMCP) works in a High Availability cluster? ___
A. VMware Tools Virtual Machine Communication Interface (VMCI)
B. Fault Tolerance
C. Atomic Test and Set (ATS)
D. All Paths Down (APD) Timeout
[Single choice]
An administrator wants to add a web server to an existing multi-tier application consisting of three virtual machines: a web server; a database server; an application server. The web server should be added to the application when the primary web server reaches: 70% vCPU utilization; 55% active memory. Which option will achieve this result? ___
A. Create a virtual machine alarm with an action to run a script that starts a new instance of the web server.
B. Create a host cpu and memory alarm with an action to run a script that starts a new instance of the webserver.
C. Configure HA application monitoring for the web server and set it to trigger deployment of a new instance of the web server.
D. Configure Fault Tolerance on the virtual machine and leave the secondary machine disabled until needed.
[Single choice]
An administrator has an application that requires connection directly to PCI devices through a virtual machine. What is a limitation of this configuration? ___
A. Devices must be reserved for PCI passthrough on at least one host on which the virtual machine will run.
B. Snapshots are not supported with DirectPath I/O passthrough devices.
C. A maximum of 18 PCI vSphere DirectPath devices can be added to a virtual machine.
[Single choice]
The vSphere administrator is configuring directory services for an ESXi host: What should the vSphere administrator do to configure the host to use CAM services? ___
A. Check the Use vSphere Authentication Proxy checkbox.
B. Set Select Directory Service Type to CAM services.
C. Specify CAM$ for the Domain.
[Single choice]
Which statement is true regarding the licensing of vCenter Server? ___
A. The license for vCenter Server must be provided at the time of installation.
B. Changing the license assigned to vCenter Server requires a restart of the vCenter Server service.
C. Virtual machines can still be powered on if the vCenter Server license expires.
D. Licensing for a single vCenter Server installation is determined by the number of managed virtual machines.
[Single choice]
When configuring vSphere Replication for a virtual machine, what is the lowest Recovery Point Objective (RPO) that can be selected? ___
A. 1 min
B. 5 min
C. 10 min
D. 15 min
[Single choice]
A developer needs to create a multi-tier development stack for a home lab. Which vSphere product will support the architecture required for the least software cost? ___
A. vSphere Hypervisor
B. vSphere Essentials
C. VMware Player
D. VMware Workstation
[Single choice]
An administrator is installing Windows into a virtual machine. The DVD has been mounted on the Host and configured for the virtual machine as shown in the Exhibit. Based on the exhibit, when the virtual machine is booted, why would it attempt to search for a PXE server? ___
A. The CD/DVD device is not connected.
B. The ISO is in the incorrect storage location.
C. The OS minimum requirements have not been met.
D. The CD/DVD device is not set to Client Device.
[Single choice]
What component must be installed prior to deploying a vCenter Server in vSphere 6.x? ___
A. vCenter Identity Services
B. Platform Services Controller
C. vCenter Single Sign-On
D. Client Integration Plug-In
[Single choice]
What is a valid plug-in status for a plug-in that has been added to a vSphere client? ___
A. Disabled
B. Unknown
C. Stopped
D. Installed
[Single choice]
Users of an application are reporting performance issues. The following performance values are observed in the vSphere Web Client: Host CPU utilization is 90%; Virtual Machine memory utilization is consistently greater than 90%; CPU Ready values are higher than 20%. What could be the cause of the application performance issue? ___
A. The host is lacking the CPU resources required to meet the demand.
B. The host is lacking the memory resources required to meet the demand.
C. The virtual machine is lacking the CPU resources required to meet the demand.
D. The virtual machine is lacking the memory resources required to meet the demand.
[Single choice]
An administrator is re-provisioning an ESXi host and moving it to another datacenter. Which DCUI option should the administrator use to revert the system configuration to the default settings? ___
A. Reset System Configuration
B. Rebuild Default System Configuration
C. Revert System Configuration
D. Renew Default System Configuration
[Single choice]
An administrator has just completed installing an ESXi 6.x host, but doesn't know what address has been configured. Where is the ESXi host IP address configured? ___
A. RVC console
B. Direct Console User Interface
C. vSphere Web Client
D. vSphere Client
[Single choice]
When is it possible to place a VMFS5 datastore in maintenance mode? ___
A. When it is a member of a Storage DRS cluster
B. When it is a member of Virtual SAN cluster
C. When it is a member of a multi-extent datastore
D. When it is a member of a Virtual Volume
[Single choice]
Immediately after installing ESXi, an administrator observes that the Configure Lockdown Mode option is grayed out in the Direct Console User Interface (DCUI). What is the most likely explanation? ___
A. The host has not yet been added to a vCenter Server.
B. The BIOS on the host does not have NX/XD enabled.
C. The ESXi host is running in evaluation mode.
D. The host requires a reboot before this feature is available.
[Single choice]
Which Single Sign-On deployment mode should an administrator use for two 6.x vCenter Servers configured with linked mode? ___
A. Basic Single Sign-On with vCenter Server Heartbeat
B. Multisite Single Sign-On
C. Basic Single Sign-On
D. Single Sign-On with Linked Mode
[Single choice]
What is required when changing a virtual machine name using the vSphere Web Client? ___
A. Verify connectivity to the ESXi host where the virtual machine is running and its inventory list is accessible.
B. Verify in which datastore the virtual machine resides and that you have access and its inventory list is accessible.
C. Verify that virtual machine files are stored in the same datastore and can be accessed in the datastore browser list.
D. Verify the virtual machine is not running in Fault Tolerant mode and that it is not in a Distributed Resource Scheduler cluster.