[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fn2-kKmbchcDmhbNSh0eNmXUUqZzXKSLlcrO8JQw9DcQ":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":16,"related":17,"source":28,"type":29},[],"2023-12-14 19:10:43",114104493,[8,9,10,11],"口令攻击","暴力破解","拒绝服务攻击","社会工程学攻击",{"courseId":13,"courseImg":14,"courseName":15},"119f10c37f9316b09ee34183060624b6","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F9c1e48361b00f3ee2086f4e259ed792b.jpg","网络安全","张三将微信个人头像换成微信群中某好友头像,并将昵称改为该好友的昵称,然后向该好友的其他好友发送一些欺骗消息.该攻击行为属于以下哪类攻击",[18,30,39,48,57,66,75,84,93,102],{"answer":19,"createTime":20,"id":21,"options":22,"question":27,"source":28,"type":29},[],"2023-12-14 19:10:42",114104478,[23,24,25,26],"IP欺骗","解密","窃取口令","发送病毒","黑客利用IP地址进行攻击的方法有()","v1",0,{"answer":31,"createTime":20,"id":32,"options":33,"question":38,"source":28,"type":29},[],114104479,[34,35,36,37],"文件共享","拒绝服务","BIND漏洞","远程过程调用","使网络服务器中充斥大量要求回复的信息,消耗带宽,导致网络或系统停止正常服务,这属于什么攻击类型?( )",{"answer":40,"createTime":20,"id":41,"options":42,"question":47,"source":28,"type":29},[],114104480,[43,44,45,46],"缓冲区溢出","网络监听","钓鱼攻击","DDOS攻击","用户收到一封可疑的电子邮件,要求用户提供银行账号及密码,这是属于何种攻击手段?( )",{"answer":49,"createTime":20,"id":50,"options":51,"question":56,"source":28,"type":29},[],114104481,[52,53,54,55],"木马的控制端程序","不用安装","控制端、服务端程序都必须安装","木马的服务器端程序","黑客想要控制某些用户,需要把木马程序安装到用户的机器中,实际上安装的是( )",{"answer":58,"createTime":20,"id":59,"options":60,"question":65,"source":28,"type":29},[],114104482,[61,62,63,64],"木马不像病毒那样具有破坏性","木马不像病毒那样是独立运行的程序","木马不像病毒那样能够自我复制","木马和病毒都是独立运行的程序","以下说法正确的是( )",{"answer":67,"createTime":20,"id":68,"options":69,"question":74,"source":28,"type":29},[],114104484,[70,71,72,73],"撞库","洗库","12306 网站管理员故意泄密","钓鱼邮件","2014 年 12 月 25 日,12306 网站部分用户信息在因特网上疯传,黑客获得这些用户 信息的最可能方式是 ( )",{"answer":76,"createTime":20,"id":77,"options":78,"question":83,"source":28,"type":29},[],114104487,[79,80,81,82],"burpsuite","sqlmap","apache","metasploit","以下哪个不是web渗透测试工具?( )",{"answer":85,"createTime":5,"id":86,"options":87,"question":92,"source":28,"type":29},[],114104488,[88,89,90,91],"渗透测试以攻击者的思维模拟真实攻击,能发现如配置错误等运行维护期产生的漏洞","渗透测试是用软件代替人工的一种测试方法,因此测试效率更高","渗透测试使用人工进行测试,不依赖软件,因此测试更准确","渗透测试中必须要查看软件源代码,因此测试中发现的漏洞更多","某单位开发了一个面向互联网提供服务的应用网站,该单位委托软件测评机构对软件进行了源代码分析、模糊测试等软件安全性测试,在应用上线前,项目经理提出了还需要对应用网站进行一次渗透性测试,作为安全主管,你需要提出渗透性测试相比源代码测试、模糊测试的优势给领导做决策,以下哪条是渗透性测试的优势",{"answer":94,"createTime":5,"id":95,"options":96,"question":101,"source":28,"type":29},[],114104490,[97,98,99,100],"漏洞是存在于信息系统的某种缺陷","漏洞存在于一定的环境中,寄生在一定的客体上","具有可利用性和违规性,它本身的存在虽不会造成破坏,但是可以被攻击者利用,从而给信息系统安全带来威胁和损失","漏洞都是人为故意引入的一种信息系统的弱点","下列哪一些对信息安全漏洞的描述是错误的",{"answer":103,"createTime":5,"id":6,"options":104,"question":16,"source":28,"type":29},[],[8,9,10,11]]