[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fShfC1IIjqI2MhfvixdSgecBM63efUb0l49i6pvlewbA":3},{"answer":4,"createTime":5,"id":6,"options":7,"origin":12,"question":19,"related":20,"source":30,"type":31},[],"2026-01-08 05:46:30",248595465,[8,9,10,11],"ip.addr = 192.168.1.0\u002F24","ip.net == 192.168.1.0\u002F24","subnet 192.168.1.0\u002F24","net 192.168.1.0\u002F24",{"count":13,"courseId":14,"courseImg":15,"courseName":16,"workId":17,"workName":18},36,"53e1d2ef4961cca8eea3e23969ad2cb9","https:\u002F\u002Ftihai-oss-cloud.itihey.com\u002Fimg\u002F03a579384a6dc297c89809b582fcc767.png","默认课程","work_47426045","阶段复习1","捕获过滤器中,过滤整个网段192.168.1.0\u002F24使用",[21,32,41,50,59,68,71,80,89,98],{"answer":22,"createTime":5,"id":23,"options":24,"question":29,"source":30,"type":31},[],248595460,[25,26,27,28],"攻击来自大量分散源,导致追溯和简单基于源 IP 的过滤失效","攻击来自单一固定 IP,更容易屏蔽","分布式攻击无法影响云服务","分布式攻击只能发生在局域网内","哪个选项最能说明&quot;分布式&quot;的危害性","v1",0,{"answer":33,"createTime":5,"id":34,"options":35,"question":40,"source":30,"type":31},[],248595461,[36,37,38,39],"主机无法获取 IP 地址","DNS 解析异常","多个不同 IP 映射到同一个 MAC 地址","无线信号变弱","哪种现象最直接提示可能发生了 ARP 欺骗",{"answer":42,"createTime":5,"id":43,"options":44,"question":49,"source":30,"type":31},[],248595462,[45,46,47,48],"只能对 HTTP 服务生效","与 UDP 泛洪本质相同,因为都不使用握手","只要关闭所有 TCP 端口即可完全防御","常通过占用连接状态表(如半打开连接)来耗尽服务器资源","下列关于 TCP 泛洪(如 SYN 泛洪)哪项描述正确",{"answer":51,"createTime":5,"id":52,"options":53,"question":58,"source":30,"type":31},[],248595463,[54,55,56,57],"栈顶的地址","栈底的地址","传递的参数","函数返回的地址","黑客希望通过缓冲区溢出执行特定的shellcode,一般在栈中精心构造溢出的数据,使其覆盖( )",{"answer":60,"createTime":5,"id":61,"options":62,"question":67,"source":30,"type":31},[],248595464,[63,64,65,66],"只能在抓包前设置","用于抓包后筛选和分析数据包","无法过滤HTTP协议数据","使用BPF语法","关于Wireshark显示过滤器,以下哪项描述是正确的",{"answer":69,"createTime":5,"id":6,"options":70,"question":19,"source":30,"type":31},[],[8,9,10,11],{"answer":72,"createTime":5,"id":73,"options":74,"question":79,"source":30,"type":31},[],248595466,[75,76,77,78],"网络监听","缓冲区溢出","DoS","IP欺骗","向有限的内存空间输入超长的字符串是( )攻击手段",{"answer":81,"createTime":5,"id":82,"options":83,"question":88,"source":30,"type":31},[],248595467,[84,85,86,87],"eth.dst == ff:ff:ff:ff:ff:ff","dst mac ff:ff:ff:ff:ff:ff","mac.dst == ff:ff:ff:ff:ff:ff","ether dst ff:ff:ff:ff:ff:ff","显示过滤器过滤目的MAC地址为 ff:ff:ff:ff:ff:ff 的数据包,应使用",{"answer":90,"createTime":5,"id":91,"options":92,"question":97,"source":30,"type":31},[],248595468,[93,94,95,96],"host == baidu","tcp contains &quot;baidu&quot;","http contains baidu","http.host contains &quot;baidu&quot;","Wireshark 中,显示过滤器支持字符串匹配,如过滤域名包含 &quot;baidu&quot; 可写为",{"answer":99,"createTime":5,"id":100,"options":101,"question":106,"source":30,"type":31},[],248595469,[102,103,104,105],"将攻击者的 MAC 地址与合法主机的 IP 绑定,从而截获或转发流量","修改路由器固件","加密局域网内所有数据包","增加网络带宽","ARP 欺骗的基本目标通常是"]