[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fguelExGLM9JTr9t0sisLeqdQ9Obcg2rK1C-KRZUjTzw":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":16,"related":17,"source":27,"type":28},[],"2023-12-14 19:10:42",114104480,[8,9,10,11],"缓冲区溢出","网络监听","钓鱼攻击","DDOS攻击",{"courseId":13,"courseImg":14,"courseName":15},"119f10c37f9316b09ee34183060624b6","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F9c1e48361b00f3ee2086f4e259ed792b.jpg","网络安全","用户收到一封可疑的电子邮件,要求用户提供银行账号及密码,这是属于何种攻击手段?( )",[18,29,38,41,50,59,68,77,87,96],{"answer":19,"createTime":5,"id":20,"options":21,"question":26,"source":27,"type":28},[],114104478,[22,23,24,25],"IP欺骗","解密","窃取口令","发送病毒","黑客利用IP地址进行攻击的方法有()","v1",0,{"answer":30,"createTime":5,"id":31,"options":32,"question":37,"source":27,"type":28},[],114104479,[33,34,35,36],"文件共享","拒绝服务","BIND漏洞","远程过程调用","使网络服务器中充斥大量要求回复的信息,消耗带宽,导致网络或系统停止正常服务,这属于什么攻击类型?( )",{"answer":39,"createTime":5,"id":6,"options":40,"question":16,"source":27,"type":28},[],[8,9,10,11],{"answer":42,"createTime":5,"id":43,"options":44,"question":49,"source":27,"type":28},[],114104481,[45,46,47,48],"木马的控制端程序","不用安装","控制端、服务端程序都必须安装","木马的服务器端程序","黑客想要控制某些用户,需要把木马程序安装到用户的机器中,实际上安装的是( )",{"answer":51,"createTime":5,"id":52,"options":53,"question":58,"source":27,"type":28},[],114104482,[54,55,56,57],"木马不像病毒那样具有破坏性","木马不像病毒那样是独立运行的程序","木马不像病毒那样能够自我复制","木马和病毒都是独立运行的程序","以下说法正确的是( )",{"answer":60,"createTime":5,"id":61,"options":62,"question":67,"source":27,"type":28},[],114104484,[63,64,65,66],"撞库","洗库","12306 网站管理员故意泄密","钓鱼邮件","2014 年 12 月 25 日,12306 网站部分用户信息在因特网上疯传,黑客获得这些用户 信息的最可能方式是 ( )",{"answer":69,"createTime":5,"id":70,"options":71,"question":76,"source":27,"type":28},[],114104487,[72,73,74,75],"burpsuite","sqlmap","apache","metasploit","以下哪个不是web渗透测试工具?( )",{"answer":78,"createTime":79,"id":80,"options":81,"question":86,"source":27,"type":28},[],"2023-12-14 19:10:43",114104488,[82,83,84,85],"渗透测试以攻击者的思维模拟真实攻击,能发现如配置错误等运行维护期产生的漏洞","渗透测试是用软件代替人工的一种测试方法,因此测试效率更高","渗透测试使用人工进行测试,不依赖软件,因此测试更准确","渗透测试中必须要查看软件源代码,因此测试中发现的漏洞更多","某单位开发了一个面向互联网提供服务的应用网站,该单位委托软件测评机构对软件进行了源代码分析、模糊测试等软件安全性测试,在应用上线前,项目经理提出了还需要对应用网站进行一次渗透性测试,作为安全主管,你需要提出渗透性测试相比源代码测试、模糊测试的优势给领导做决策,以下哪条是渗透性测试的优势",{"answer":88,"createTime":79,"id":89,"options":90,"question":95,"source":27,"type":28},[],114104490,[91,92,93,94],"漏洞是存在于信息系统的某种缺陷","漏洞存在于一定的环境中,寄生在一定的客体上","具有可利用性和违规性,它本身的存在虽不会造成破坏,但是可以被攻击者利用,从而给信息系统安全带来威胁和损失","漏洞都是人为故意引入的一种信息系统的弱点","下列哪一些对信息安全漏洞的描述是错误的",{"answer":97,"createTime":79,"id":98,"options":99,"question":104,"source":27,"type":28},[],114104493,[100,101,102,103],"口令攻击","暴力破解","拒绝服务攻击","社会工程学攻击","张三将微信个人头像换成微信群中某好友头像,并将昵称改为该好友的昵称,然后向该好友的其他好友发送一些欺骗消息.该攻击行为属于以下哪类攻击"]