[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fxmgAX0e_0j4h5pJ-CzIZDPyvssgOKActteurt6WwyUw":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":19,"related":20,"source":24,"type":25},[],"2026-01-08 05:46:30",248595460,[8,9,10,11],"攻击来自大量分散源,导致追溯和简单基于源 IP 的过滤失效","攻击来自单一固定 IP,更容易屏蔽","分布式攻击无法影响云服务","分布式攻击只能发生在局域网内",{"count":13,"courseId":14,"courseImg":15,"courseName":16,"workId":17,"workName":18},36,"53e1d2ef4961cca8eea3e23969ad2cb9","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F03a579384a6dc297c89809b582fcc767.png","默认课程","work_47426045","阶段复习1","哪个选项最能说明&quot;分布式&quot;的危害性",[21,26,35,44,53,62,71,80,89,98],{"answer":22,"createTime":5,"id":6,"options":23,"question":19,"source":24,"type":25},[],[8,9,10,11],"v1",0,{"answer":27,"createTime":5,"id":28,"options":29,"question":34,"source":24,"type":25},[],248595461,[30,31,32,33],"主机无法获取 IP 地址","DNS 解析异常","多个不同 IP 映射到同一个 MAC 地址","无线信号变弱","哪种现象最直接提示可能发生了 ARP 欺骗",{"answer":36,"createTime":5,"id":37,"options":38,"question":43,"source":24,"type":25},[],248595462,[39,40,41,42],"只能对 HTTP 服务生效","与 UDP 泛洪本质相同,因为都不使用握手","只要关闭所有 TCP 端口即可完全防御","常通过占用连接状态表(如半打开连接)来耗尽服务器资源","下列关于 TCP 泛洪(如 SYN 泛洪)哪项描述正确",{"answer":45,"createTime":5,"id":46,"options":47,"question":52,"source":24,"type":25},[],248595463,[48,49,50,51],"栈顶的地址","栈底的地址","传递的参数","函数返回的地址","黑客希望通过缓冲区溢出执行特定的shellcode,一般在栈中精心构造溢出的数据,使其覆盖( )",{"answer":54,"createTime":5,"id":55,"options":56,"question":61,"source":24,"type":25},[],248595464,[57,58,59,60],"只能在抓包前设置","用于抓包后筛选和分析数据包","无法过滤HTTP协议数据","使用BPF语法","关于Wireshark显示过滤器,以下哪项描述是正确的",{"answer":63,"createTime":5,"id":64,"options":65,"question":70,"source":24,"type":25},[],248595465,[66,67,68,69],"ip.addr = 192.168.1.0\u002F24","ip.net == 192.168.1.0\u002F24","subnet 192.168.1.0\u002F24","net 192.168.1.0\u002F24","捕获过滤器中,过滤整个网段192.168.1.0\u002F24使用",{"answer":72,"createTime":5,"id":73,"options":74,"question":79,"source":24,"type":25},[],248595466,[75,76,77,78],"网络监听","缓冲区溢出","DoS","IP欺骗","向有限的内存空间输入超长的字符串是( )攻击手段",{"answer":81,"createTime":5,"id":82,"options":83,"question":88,"source":24,"type":25},[],248595467,[84,85,86,87],"eth.dst == ff:ff:ff:ff:ff:ff","dst mac ff:ff:ff:ff:ff:ff","mac.dst == ff:ff:ff:ff:ff:ff","ether dst ff:ff:ff:ff:ff:ff","显示过滤器过滤目的MAC地址为 ff:ff:ff:ff:ff:ff 的数据包,应使用",{"answer":90,"createTime":5,"id":91,"options":92,"question":97,"source":24,"type":25},[],248595468,[93,94,95,96],"host == baidu","tcp contains &quot;baidu&quot;","http contains baidu","http.host contains &quot;baidu&quot;","Wireshark 中,显示过滤器支持字符串匹配,如过滤域名包含 &quot;baidu&quot; 可写为",{"answer":99,"createTime":5,"id":100,"options":101,"question":106,"source":24,"type":25},[],248595469,[102,103,104,105],"将攻击者的 MAC 地址与合法主机的 IP 绑定,从而截获或转发流量","修改路由器固件","加密局域网内所有数据包","增加网络带宽","ARP 欺骗的基本目标通常是"]