软题库 培训课程
当前位置:信管网 >> 在线考试中心 >> 信息安全工程师题库 >> 试题查看
试卷年份2017年上半年
试题题型【单选题】
试题内容

There are different ways to perform IP based DoS Attacks. The most common IP based DoS attack is that an attacker sends an extensive amount of connection establishment (1)(e.g. TCP SYN requests) to establish hanging connections with the controller or a DPS. Such a way, the attacker can consume the network resources which should be available for legitimate users. In other (2), the attacker inserts a large amount of (3)packets to the data plane by spoofing all or part of the header fields with random values. These incoming packets will trigger table-misses and send lots of packet-in flow request messages to the network controller to saturate the controller resources. In some cases, an (4)who gains access to DPS can artificially generate lots of random packet-in flow request messages to saturate the control channel and the controller resources. Moreover, the lack of diversity among DPSs fuels fuels the fast propagation of such attacks.
Legacy mobile backhaul devices are inherently protected against the propagation of attacks due to complex and vendor specific equipment. Moreover, legacy backhaul devices do not require frequent communication with core control devices in a manner similar to DPSs communicating with the centralized controller. These features minimize both the impact and propagation of DoS attacks. Moreover, the legacy backhaul devices are controlled as a joint effort of multiple network element. For instance, a single Long Term Evilution(LTE)eNodeB  is connected up to 32 MMEs. Therefore, DoS/DDoS attack on a single core element will not terminate the entire operation of a backhaul device(5)the net work.

(1)A.message  B、information  C、requests  D、data
(2)A.methods  B、cases       C、hands    D、sections
(3)A.bad      B、real        C、fake      D、new
(4)A.user     B、administrator  C、editor   D、attacker
(5)A.or       B、of          C、in        D、to

查看答案

相关试题

68题: 2017年6月1日,()开始施行。
A.中华人民共和国计算机信息系统安全保护条例
B.计算机信息系统国际联网保密管理规定
C.中华人民共和国网络安全法
D.中华人民共和国电子签名法
答案解析与讨论:www.cnitpm.com/st/32754695.html

69题: 面向数据挖掘的隐私保护技术主要解决高层应用中的隐私保护问题,致力于研究如何根据不同数据挖掘操作的特征来实现对隐私的保护。从数据挖掘的角度看,不属于隐私保护技术的是()。
A.基于数据失真的隐私保护技术
B.基于数据匿名化的隐私保护技术
C.基于数据分析的隐私保护技术
D.基于数据加密的隐私保护技术
答案解析与讨论:www.cnitpm.com/st/3275518417.html

70题: 强制访问控制(MAC)是一种不允许主体干涉的访问控制类型。根据MAC的安全基本,用户与访问的信息的读写关系有四种类型,其中能保证数据完整性的读写组合方式是()。
A.上读-下写
B.上读-上写
C.下读-下写
D.下读-上写
答案解析与讨论:www.cnitpm.com/st/3275612511.html