[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$faZUAZnlh0aZUwr_SUiY3ItX0ANQJJKSx70rO1utOrd8":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":14,"question":21,"related":22,"source":33,"type":34},[],"2023-11-30 18:08:44",110228979,[8,9,10,11,12,13],"服务器配置不当","开源编辑器的上传漏洞","本地文件上传限制被绕过","过滤不严或被绕过","文件解析漏洞导致文件执行","文件路径截断",{"count":15,"courseId":16,"courseImg":17,"courseName":18,"workId":19,"workName":20},10,"ddcb1cd8eb5b04d727837950b1319f0d","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F566c8e36cfbf7ec8ad530c758f6fd601.jpg","网络安全技术","1facf7b06daf4c91b361b940100c8fca","期末模拟试题1","文件上传漏洞出现的地方,可能是以下哪些选项",[23,35,44,53,63,72,75,84,94,103],{"answer":24,"createTime":25,"id":26,"options":27,"question":32,"source":33,"type":34},[],"2023-11-30 18:08:43",110228969,[28,29,30,31],"发现目标主机或网络","搜集目标信息,包括操作系统类型、运行的服务以及服务软件的版本等","根据收集到的信息判断或者进一步测试系统是否存在安全漏洞","根据安全漏洞获取目标用户的信息","一个完整的网络安全扫描分为 ( )( )( )三个阶段","v1",1,{"answer":36,"createTime":5,"id":37,"options":38,"question":43,"source":33,"type":34},[],110228973,[39,40,41,42],"ping","nmap","x-scan","sessus","下列哪些软件可以识别目标系统是否活动",{"answer":45,"createTime":5,"id":46,"options":47,"question":52,"source":33,"type":34},[],110228974,[48,49,50,51],"-sV","-O","-sS","-sP","使用nmap探测操作系统类型,可以使用的参数包括",{"answer":54,"createTime":5,"id":55,"options":56,"question":62,"source":33,"type":34},[],110228977,[57,58,41,59,60,61],"openVAS扫描器","WVS扫描器","fluxay","Nessus","W3AF","下列工具中,那几个是漏洞扫描器",{"answer":64,"createTime":5,"id":65,"options":66,"question":71,"source":33,"type":34},[],110228978,[67,68,69,70],"隐蔽性高","能够穿透一般防火墙或者IDS系统","目标主机上不会留下痕迹","扫描精度高","FIN扫描的优点包括",{"answer":73,"createTime":5,"id":6,"options":74,"question":21,"source":33,"type":34},[],[8,9,10,11,12,13],{"answer":76,"createTime":5,"id":77,"options":78,"question":83,"source":33,"type":34},[],110228980,[79,80,81,82],"对面文件后缀进行检测","对文件类型进行检测","对文件内容进行检测","设置上传白名单","上传漏洞的防御方法包括",{"answer":85,"createTime":5,"id":86,"options":87,"question":92,"source":33,"type":93},[],110228981,[88,89,90,91],"2016年11月17日","2017年6月1日","2017年11月17日","2016年6月1日","《中华人民共和国网络安全法》什么时间正式施行",0,{"answer":95,"createTime":5,"id":96,"options":97,"question":102,"source":33,"type":93},[],110228983,[98,99,100,101],"软件程序BUG","网络硬件设备缺陷","造成破坏系统或者信息的弱点","网络病毒及网络攻击","按照ISO安全结构文献定义,网络安全漏洞是()",{"answer":104,"createTime":5,"id":105,"options":106,"question":109,"source":33,"type":93},[],110228988,[41,107,108,40],"nessus","WVS","下列软件中,那个与OpenVAS的功能不类似"]