Vulnerability Scanning Practice Questions

  • Note: the question bank did not export cleanly. The options numbered 1, 2, 3, 4 correspond to A, B, C, D.

  1. Regarding the definition of vulnerability, which of the following descriptions is incorrect ( )
  1. Vulnerabilities are defects and deficiencies in the hardware, software, and protocols of computer systems in system design, implementation, system configuration, or security policies.
  2. The vulnerability itself does not cause damage, but it may be exploited by an attacker to gain additional privileges on the computer system
  3. Von Neumann believes that the defects of computer systems can only be born, and cannot be produced in the process of use and development.
  4. Every platform, whether it is hardware or software, may have vulnerabilities

Answer: C

  1. Regarding the cause of the vulnerability, which of the following descriptions is incorrect ( )
  1. The loopholes in the application system itself are called the "congenital loopholes" of the application system.
  2. The loopholes caused by the negligence of developers during the development of the application system are called "acquired loopholes" of the application system.
  3. Under the complex heterogeneous network composed of the mobile Internet, the Internet of Things, and the Internet, application systems have produced more types and numbers of vulnerabilities
  4. If there is special security research, it can completely avoid the lack of consideration and incompleteness in the development process, so as to completely avoid the existence of security holes

Answer: D

  1. Which of the following descriptions about the vulnerability is incorrect ( )
  1. Vulnerability is a state or condition of a system, generally manifested as a deficiency or defect
  2. All vulnerabilities can be found through security software scanning
  3. Vulnerabilities are usually caused by incorrect system design such as faulty logic, etc.
  4. Vulnerabilities have the potential to affect a wide range of hardware and software devices

Answer: B

  1. Regarding the harm of vulnerabilities, which of the following descriptions is incorrect ( )
  1. Attackers can use vulnerabilities to delete, modify, forge, reorder, replay, or insert information during storage or transmission, destroying the integrity of the computer system
  2. Attackers can use vulnerabilities to destroy the normal operation of the system or network, resulting in the unavailability of information or network services and destroying the availability of the system
  3. Attackers can exploit vulnerabilities to disclose protected information to unauthorized individuals and entities, destroying the confidentiality of the system
  4. Attackers can take advantage of the loopholes to make the system unable to complete the specified functions under the specified conditions and within the specified time, destroying the system's ability to control the hardware.

Answer: D

  1. Which of the following descriptions about the vulnerability is incorrect ( )
  1. Operating system vulnerabilities include defects in the logical design of the operating system or the application software that comes with the operating system and errors in writing
  2. Unencrypted sensitive database data is a database vulnerability
  3. The vulnerabilities of network devices are only the vulnerabilities of device firmware, not including the vulnerabilities of device software
  4. "admin" is a common weak password

Answer: C

  1. Regarding database vulnerabilities, which of the following descriptions is incorrect ( )
  1. Common database vulnerabilities mainly include privilege escalation of database accounts, unencrypted database sensitive data, and misconfigured databases.
  2. Database privilege escalation is often related to misconfiguring the database
  3. An attacker with administrator privileges cannot jump from an application to a database without credentials related to the database
  4. Problems with the database may be caused by old unpatched vulnerabilities or default account configuration parameters

Answer: C

  1. Regarding web vulnerabilities, which of the following descriptions is incorrect ( )
  1. CSRF cross-site request forgery attack uses a transparent iframe box to entice users to operate on the page
  2. The implementation of the program does not fully filter the directory jump characters such as "../" input by the user, which may cause directory traversal vulnerabilities
  3. SQL injection attack (SQL Injection) is a common security vulnerability in web development.
  4. XSS cross-site scripting attack is a widespread web client vulnerability

Answer: A

  1. Regarding vulnerability scanning, which of the following descriptions is incorrect ( )
  1. Vulnerability scanning refers to a security detection behavior that detects the security vulnerabilities of specified remote or local computer systems and network devices by scanning and other means, and discovers security risks and vulnerabilities that can be exploited.
  2. Vulnerability scanning is a proactive behavior
  3. Vulnerability scanning is mainly based on the principle of feature matching
  4. When performing vulnerability scanning, first detect the open ports of the target system, and do not need to detect the surviving hosts

Answer: D

  1. The principle of vulnerability scanning: 1. Return response; 2. Send detection data packet; 3. Read vulnerability information; 4. Feature matching analysis. The correct order is ( )
  1. 1->3->2->4
  2. 3->2->1->4
  3. 3->4->1->2
  4. 4->3->1->2

Answer: B

  1. Regarding the vulnerability scanner, which of the following descriptions is incorrect ( )
  1. A vulnerability scanner is a program that automatically detects local or remote device and system security vulnerabilities
  2. When the attacker scans the target host, the system internal file detection will be performed on the target host
  3. The external scanning of the vulnerability scanner can obtain the allocation of various ports of the maintained host, the services provided, the version of the service software, and the security holes presented by these services and software on the network
  4. The internal scan of the vulnerability scanner is to scan the internal characteristics of the server maintained by the system administrator

Answer: B

  1. Regarding port scanning, which of the following descriptions is incorrect ( )
  1. Port scanning is to scan a segment of ports or specified ports one by one
  2. Scan results provide insight into the types of network services available on a computer
  3. By scanning port 21, you can determine whether the target computer provides WWW service
  4. There are generally two ways of port scanning: manual scanning and software scanning.

Answer: C

  1. Regarding the smart crawler, which of the following descriptions is incorrect ( )
  1. The intelligent crawler crawls directional or non-directional web pages, analyzes them and obtains formatted data
  2. The intelligent crawler only includes the core technology of horizontal search
  3. The combination of crawler technology and white box technology is applied to web vulnerability scanning and detection
  4. If the URL queue to be crawled is empty, a complete round of crawling process is completed

Answer: B

  1. Among the principles that must be followed by the white box testing method, the incorrect one is ( )
  1. Ensure that all independent paths in a module are tested at least once
  2. Only the true logical value needs to be tested; the others do not need to be tested
  3. Check the internal data structure of the program to ensure the validity of its structure
  4. Run all loops within the upper and lower bounds and within the operable range

Answer: B

  1. Regarding the advantages of a network-based vulnerability scanning strategy, which of the following is incorrect ( )
  1. Network-based vulnerability scanners are generally less expensive than host-based vulnerability scanning tools
  2. Network-based vulnerability scanners operate without involving the administrator of the target system
  3. A network-based vulnerability scanner that does not require anything to be installed on the target system during the detection process
  4. A network-based vulnerability scanner with direct access to the target system's file system

Answer: D

  1. Regarding the advantages of a host-based vulnerability scanning strategy, which of the following is incorrect ( )
  1. High number of vulnerabilities scanned
  2. centralized management
  3. All communications are not encrypted
  4. Network traffic load is small

Answer: C

  1. The correct process of vulnerability scanning is ( )
  a. Vulnerability detection; b. Target discovery; c. Information grabbing
  1. a->b->c
  2. b->c->a
  3. a->c->b
  4. c->b->a

Answer: B

  1. Regarding the various stages of vulnerability scanning, which of the following descriptions is incorrect ( )
  1. Target discovery refers to the discovery of target hosts or networks by some means
  2. Information grabbing refers to further obtaining the operating system information and open service information of the target host after the target is discovered
  3. Vulnerability detection refers to judging whether there are security vulnerabilities based on the collected information, or further testing whether the system has security vulnerabilities that can be exploited by attackers
  4. If the target is a network, information grabbing cannot discover the topology of the network, routing devices, and information about each host

Answer: D

  1. Regarding ICMP sweep and broadcast ICMP, which of the following descriptions is incorrect ( )
  1. The method of polling multiple hosts to determine whether they are online by judging whether the sender has received the ICMP echo response from the target host is called ICMP scanning
  2. Broadcast ICMP only needs to send one or two echo requests to the network address and broadcast address of the target network, and can receive ICMP echo responses from all surviving hosts in the target network
  3. Broadcasting ICMP must not cause denial of service on the network
  4. Broadcast ICMP scanning is generally faster than ICMP scanning

Answer: C

  1. Regarding TCP sweeping, which of the following descriptions is incorrect ( )
  1. TCP scanning is to perform TCP scanning on multiple targets at the same time
  2. Send an ACK packet to the target, if the target is alive, it will receive a RST packet
  3. TCP scanning is generally more effective than ICMP probing
  4. TCP Sweep is 100% reliable

Answer: D

  1. Regarding UDP scanning, which of the following descriptions is incorrect ( )
  1. Send a UDP packet to the UDP port of the target host. If there is a service running on this port, the packet will be handed over to the service process for processing
  2. Send a UDP packet to the UDP port of the target host. If no service is running on this port, the system will return an ICMP packet to the source host
  3. UDP scanning is UDP scanning to multiple targets at the same time
  4. The method of UDP scanning is very reliable, and the time to find the target is very short

Answer: D

  1. Regarding port scanning, which of the following descriptions is incorrect ( )
  1. Port scanning must have administrator privileges to perform
  2. Port scanning can quickly obtain the open ports and service information of the target host, so as to prepare for the vulnerability detection stage
  3. Port scanning usually sends probe information to all ports (from 0 to 65535) of the target host, and then analyzes the returned messages to obtain information about the open ports and running services of the target host
  4. Port scans are easily filtered or logged

Answer: A

  1. Regarding service identification, which of the following descriptions is incorrect ( )
  1. Service identification is a technique used in the information extraction phase
  2. Service identification can only identify services that actively provide handshake information
  3. Service identification can use Netcat to try to establish a connection with the port of the target, and make a preliminary judgment based on the returned information
  4. Service identification can first guess the service type, then imitate the client to send commands, and wait for the server's response

Answer: B

  1. Regarding the 4 techniques of vulnerability detection, the incorrect one in the following description is ( )
  1. Application-based detection technology: Uses a passive, non-destructive method to check the settings of application software packages to find security vulnerabilities
  2. Host-based detection technology: a passive, non-destructive approach to system detection
  3. Object-based detection technology: It uses a passive, non-destructive approach to check system attributes and file attributes, such as databases, registration numbers, etc.
  4. Network-based detection technology: it uses a passive, non-destructive approach to check whether the system may be attacked and crashed

Answer: D

  1. Regarding the method of vulnerability identification strategy, the incorrect one in the following description is ( )
  1. Direct testing refers to the method of using the characteristics of vulnerabilities to discover system vulnerabilities through penetration methods.
  2. Inference refers to the method of judging the existence of vulnerabilities without using system vulnerabilities
  3. Credentialed testing refers to the method of providing the user name or password of the target system to the testing process
  4. To check for DoS vulnerabilities, it is recommended to use the direct test method and try a direct attack to test whether the vulnerability exists

Answer: D

  1. Regarding the security protection levels of information systems, which of the following descriptions is incorrect ( )
  1. The first level: when the information system is damaged, it will cause damage to the legitimate rights and interests of citizens, legal persons and other organizations, but will not damage national security, social order and public interest. Units operating and using information systems at the first level shall protect them in accordance with relevant national management norms and technical standards.
  2. The third level: when the information system is damaged, it will seriously damage the legitimate rights and interests of citizens, legal persons and other organizations, or cause damage to social order and public interests, but will not damage national security. The national information security supervision department shall provide guidance on the level protection of information system security at this level.
  3. The fourth level: when the information system is damaged, it will cause particularly serious damage to social order and public interests, or cause serious damage to national security. The national information security supervision department conducts mandatory supervision and inspection of the security level protection work of this level of information system.
  4. The fifth level: when the information system is damaged, it will cause particularly serious damage to national security. The national information security supervision department conducts special supervision and inspection on the level protection of information system security at this level.

Answer: B

  1. Common security baseline detection does not include ( )
  1. cyber security
  2. host security
  3. regional security
  4. application security

Answer: C

  1. Which of the following vulnerabilities is not a network device vulnerability ( )
  1. Firewall Vulnerabilities
  2. Switch Device Vulnerabilities
  3. Windows system vulnerabilities
  4. Webcam Vulnerabilities

Answer: C

  1. Regarding the switch, which of the following descriptions is incorrect ( )
  1. ARP vulnerabilities and CSRF vulnerabilities are all switch vulnerabilities
  2. The VLAN hopping vulnerability exploits the Dynamic Trunking Protocol (DTP)
  3. Hackers can use the working method of spanning tree protocol to launch DDoS attacks on switches
  4. Sending large packets to content addressable memory (CAM) crashes the switch

Answer: A

  1. Regarding the working method of the switch, which of the following descriptions is incorrect ( )
  1. Two interconnected switches in a VLAN negotiate through Dynamic Trunking Protocol (DTP)
  2. The MAC source address recorded when the frame enters the switch has nothing to do with the port the frame entered
  3. Using Spanning Tree Protocol to prevent loops in redundant switching environments
  4. VLAN trunking protocol can reduce the number of configurations in a switched environment

Answer: B

  1. Regarding network device vulnerability scanning, which of the following descriptions is incorrect ( )
  1. Scanners are generally able to expose potential vulnerabilities on the network
  2. Scanning technology is based on the TCP/IP protocol
  3. Only test these network devices with unknown vulnerabilities
  4. The function of the scanner includes discovering the survival of the system and judging whether the service is running

Answer: C

  1. Regarding the vulnerability scanner, which of the following descriptions is incorrect ( )
  1. Nmap determines other information based on the results of the port scan
  2. Nmap can perform operating system service determination and operating system fingerprint determination
  3. Nessus can check system vulnerabilities and some configuration errors
  4. Web application scanners can only detect the basic situation of the system and network

Answer: D

  1. Regarding commercial vulnerability scanners, which of the following descriptions is incorrect ( )
  1. Most commercial scanners work in black box mode
  2. False positives and false negatives are completely circumvented by existing commercial scanners
  3. The specific scanning information of commercial scanners includes: status scanning, vulnerability verification, and weak password scanning
  4. The concept of repair linkage is proposed in the new generation of commercial scanners

Answer: B

  1. For the workflow of Nmap: 1. Service identification; 2. Viability scanning; 3. Operating system identification; 4. Port scanning. The correct order is ( )
  1. 4->2->1->3
  2. 4->2->3->1
  3. 2->4->1->3
  4. 2->4->3->1

Answer: C

  1. Regarding the work of Nmap, the following description is incorrect ( )
  1. A liveness scan is a large-scale assessment of the liveness of a larger network
  2. Port scanning only judges the opening and closing of ports for surviving hosts
  3. Service identification can determine the services and versions provided by the host through the results of port scanning
  4. Operating system identification is to use service identification to determine the type and version of the operating system

Answer: B

  1. Regarding evasion techniques, which of the following descriptions is incorrect ( )
  1. Evasion technology uses ICMP error messages generated by the detected host to perform complex host detection
  2. The wrong field value filled in the IP packet sent to the target host can detect the target host and network equipment
  3. The length of the constructed data packet only needs to exceed the PMTU of the router where the target system is located to detect the internal router
  4. Reverse mapping probes are used to detect networks and hosts protected by filtering devices or firewalls

Answer: C

  1. Regarding fingerprint identification technology, which of the following descriptions is incorrect ( )
  1. The purpose of fingerprint recognition technology includes identifying the type of an operating system
  2. Active fingerprint identification technology actively sends packets and repeatedly tests and screens different information
  3. Passive identification technology generally does not need to send data packets
  4. The detection accuracy of the active identification technology is only related to the configuration, not affected by the number of hops between the target host and the source host

Answer: D

  1. Regarding UDP scanning, the following description is incorrect ( )
  1. The basic principle of UDP scanning is: when a message is sent to a UDP port, and the port is closed, the port will return an ICMP message
  2. The UDP scanning method does not contain any part of the standard TCP three-way handshake protocol, and has good concealment
  3. Because UDP is not connection-oriented, the scanning speed of UDP is faster
  4. The data packets used by UDP scanning are prone to be discarded when passing through the network, resulting in false detection information

Answer: C

  1. Regarding the security protection measures of the router, which of the following descriptions is incorrect ( )
  1. Set a specific IP address for the router
  2. Use wireless security settings for routers, no need to configure other parameters
  3. Perform network segmentation and wireless MAC address filtering
  4. Combining Port Forwarding and IP Filtering

Answer: B

  1. Regarding the security protection measures of network equipment, which of the following practices is incorrect ( )
  1. You can use "Telnet" to manage the device
  2. Modify the default administrator account and password
  3. Set device logs to be periodically sent to a dedicated server for storage
  4. Regularly check the device software version

Answer: A

  1. The management function of the operating system does not include ( )
  1. Process and Processor Management
  2. job management
  3. User Transaction Management
  4. file management

Answer: C

  1. Regarding Windows operating system vulnerabilities, which of the following descriptions is incorrect ( )

A. An elevation of privilege vulnerability exists in Edge in Microsoft Windows because the program does not properly enforce cross-domain policies

B. The Kernel API in Microsoft Windows has a local information disclosure vulnerability. Attackers can use this vulnerability to inject cross-process communication through specially crafted applications and interrupt system functions.

C. A remote code execution vulnerability exists in Microsoft Windows RPC. Due to the improper handling of requests by the remote access service, remote attackers can exploit the vulnerability to execute arbitrary code

D. A security bypass vulnerability exists in Device Guard in Microsoft Windows where the program fails to properly validate untrusted files

Answer: B

  1. Regarding the vulnerability of the Unix operating system, which of the following descriptions is incorrect ( )
  1. Using the Home environment variable can attack the Unix system
  2. Path's attack method is to use the value and order of the Path environment variable file path
  3. The IFS variable only determines the contents of the string passed to the shell
  4. Establishing a Umask value before creating a file can make the file more secure

Answer: C

  1. Regarding the vulnerabilities of the Linux operating system, which of the following descriptions is incorrect ( )
  1. The write operation using the management file in Linux will cause the file to be tampered with
  2. Attackers can use Linux Kernel to bypass KASLR security restrictions
  3. Processes terminated without resetting or clearing the memory they were running in can create a leak
  4. It is completely impossible for kernel wireless extensions to cause memory leak vulnerabilities

Answer: D

  1. Regarding the PING scan, the following description is incorrect ( )
  1. PING scan is used in the first stage of vulnerability scanning
  2. PING scan usage is ping+target IP address
  3. PING scanning can help identify whether the target host or system is active by receiving an ICMP echo reply from the other party
  4. PING scanning will not fail

Answer: D

  1. Regarding the fingerprint detection technology of the TCP/IP protocol stack, which of the following descriptions is incorrect ( )
  1. The TCP/IP protocol stack fingerprint technology is to determine the operating system type of the target host by detecting some subtle differences in the implementation of the TCP/IP protocol stack by various operating systems
  2. Active protocol stack fingerprinting technology can only passively capture data packets sent by remote hosts
  3. The active protocol stack fingerprinting technology judges the operating system information of the target host by extracting and analyzing the characteristic information of the response data packet
  4. After the passive protocol stack fingerprint technology captures a data packet, it can be analyzed from four aspects: lifetime (TTL), sliding window size (WS), fragmentation permission (DF) and service type (TOS)

Answer: B

  1. Regarding fingerprinting based on RTO sampling, the following description is incorrect ( )
  1. The full name of RTO is Retransmission Timeout
  2. Different operating systems calculate the RTO in different ways, which can be used to detect the operating system of a remote host
  3. The fingerprint identification method based on RTO sampling will not generate malformed data packets in the network at all and takes a short scan time
  4. Using the blocking module to prevent the SYN/ACK packet of the target port from reaching the scanning host will force the target host to resend the SYN/ACK packet over time

Answer: C

  1. Regarding fingerprint identification based on ICMP responses, which of the following descriptions is incorrect ( )
  1. ICMP is used to transfer control information between hosts and routers, including reporting errors, exchanging restricted control and status information, etc.
  2. When the IP router cannot forward the data packet according to the current transmission rate, it will automatically send the ICMP message
  3. ICMP messages are generally divided into two types: ICMP response messages and ICMP error messages
  4. The disadvantage of the fingerprint identification method based on ICMP response is that the detection technology is single, only depends on one type of data packet, and the stability is insufficient

Answer: C

  1. Regarding port scanning technology, which of the following descriptions is incorrect ( )
  1. Port scanning generally refers to sending detection packets to the TCP or UDP ports of the target host
  2. Full TCP scan judges the openness of the target machine's listening port according to the return value of the connect() connection
  3. In TCP FIN scanning, the FIN bit in the packet sent by the scanning host is set, and if the target port is closed, the probe packet is discarded
  4. UDP ICMP scanning sends a UDP probe packet to the UDP port. If the target port is closed, an ICMP port unreachable packet is returned

Answer: C

  1. Regarding the vulnerability protection measures of the Windows system, which of the following practices is incorrect ( )
  1. Set the system disk format to FAT/FAT32
  2. According to the needs of your own system, choose to close unnecessary and dangerous services
  3. Modify the registry to disallow empty connections
  4. Modify the registry to disable default sharing

Answer: A

  1. Regarding the vulnerability protection measures of the Unix operating system, which of the following practices is incorrect ( )
  1. The system administrator only enters the super user during system maintenance, and should exit from this user in time after the operation is completed
  2. Non-root users are not allowed to use netstat, ps, ifconfig, and su commands
  3. Banning accounts without passwords
  4. Add the exit command at the end of the $HOME/.profile file to return to the login state when the user exits the business processing program

Answer: D

  1. Regarding the vulnerability protection measures of the Linux operating system, which of the following practices is incorrect ( )
  1. Files/directories related to system security and settings are generally not allowed to be accessed by ordinary users unless necessary
  2. Open the telnet service and ssh service for remote connection
  3. Edit the service startup file of the corresponding startup level in the /etc/rc.d directory, and close redundant services
  4. Linux system administrators should update the latest core of the system and apply security patches in time

Answer: B

  1. Regarding database vulnerabilities, which of the following descriptions is incorrect ( )
  1. Typical database intrusion methods include database-side SQL injection, database account privilege escalation, database buffer overflow, etc.
  2. Database vulnerabilities can be mainly divided into two categories: database software vulnerabilities and database application logic vulnerabilities
  3. Although database application logic vulnerabilities appear in the database, the final intrusion is the application program, which has nothing to do with the database
  4. Database-side SQL injection is a representative of database application logic vulnerabilities

Answer: C

  1. Which of the following components is not a main component of database software ( )
  1. Non-relational database management system
  2. relational database management system
  3. SQL programming components
  4. Network monitoring component

Answer: A

  1. Regarding the network monitoring component, the following description is incorrect ( )
  1. The network monitoring component is rewritten by the trigger buffer, which may cause the database server to fail to respond to the client
  2. It is possible to trigger a buffer overflow by sending a packet containing abnormal data to the network listening component
  3. Bypassing the authentication of the network monitoring component, it may be possible to obtain a legitimate database account and password
  4. The possibility of the network monitoring component of the database being attacked must be inversely proportional to the complexity of its protocol

Answer: D

  1. Regarding the security issues of the database engine, which of the following descriptions is incorrect ( )
  1. The database engine includes many different processing logics and processes necessary to ensure the efficient and smooth operation of the database
  2. The database engine allows users to create a running environment for programs to execute inside the database
  3. The CVE-2008-0107 vulnerability of SQL Server 2005 allows attackers to control the server where SQL Server is located through the integer buffer overflow vulnerability
  4. The security issues of the database engine can be completely avoided after optimizing the design

Answer: D

  1. Regarding remote server vulnerabilities and local vulnerabilities, which of the following descriptions is incorrect ( )
  1. Remote server vulnerabilities mainly refer to vulnerabilities located in the process of providing network services
  2. Using the remote server vulnerability, an attacker can directly attack on another computer through the network without any action from the user
  3. Local vulnerabilities are vulnerabilities that must be logged on to the computer where the software is installed to be exploited
  4. Local vulnerabilities are the most threatening because they are easy to exploit

Answer: D

  1. Regarding the causes of database vulnerabilities, which of the following descriptions is incorrect ( )
  1. Improper database management
  2. User logs in to the database
  3. Database permission management is not strict enough
  4. The database itself has security holes

Answer: B

  1. The task of database scanning does not include ( )
  1. Analyze internal insecure configurations to prevent unauthorized access
  2. User authorization status scanning, easy to find accounts with broad permissions
  3. Completely delete sensitive and confidential data
  4. Guess weak passwords and find unsafe password settings

Answer: C

  1. The main technical route of database vulnerability scanning does not include ( )
  1. black box testing
  2. white box testing
  3. gray box testing
  4. penetration testing

Answer: C

  1. Regarding white box testing, which of the following descriptions is incorrect ( )
  1. White box testing technology is partly applied to database vulnerability scanning
  2. The premise of the white-box detection method is that the database user name and password are known
  3. The advantages of the white box detection method are: high hit rate and high scalability
  4. The white box detection method cannot detect low-security configurations or weak passwords in the database at all

Answer: D

  1. Regarding the core technology of database vulnerability scanning, which of the following descriptions is incorrect ( )
  1. The smart port discovery technology usually obtains the port information of the specified database in an "active way"
  2. There are many types of vulnerabilities in the database, so various vulnerabilities can often be found during scanning
  3. The matching technology of the vulnerability database is based on the database system security vulnerability knowledge base, so that vulnerabilities can be found according to certain matching rules
  4. The effectiveness of the matching technique of the vulnerability database is completely independent of the integrity of the vulnerability database

Answer: D

  1. Regarding the handling of database vulnerabilities, which of the following descriptions is incorrect ( )
  1. The security information officer of the database system should regularly scan the database for security
  2. The security information officer of the database system needs to always pay attention to the official information and update the database system in time
  3. The security information officer of the database system should focus on database vulnerabilities, and there is no need to update the application system where the database is located
  4. The security information officer of the database system should pay attention to preventing SQL injection

Answer: C

  1. Regarding the prevention of SQL injection, which of the following descriptions is incorrect ( )
  1. Preventing SQL injection mainly lies in strictly verifying the legitimacy of user input
  2. To prevent SQL injection, all equal signs in user input data can be filtered out
  3. To prevent SQL injection, validators can be used to verify user input
  4. To prevent SQL injection, you can use parameterized stored procedures to access the database

Answer: B

  1. Regarding the database security protection system, which of the following descriptions is incorrect ( )
  1. The database security protection system comprehensively protects data security through pre-warning, in-process protection and post-event auditing
  2. The database monitoring and scanning system in the database security protection system can monitor and scan the database system fully automatically, find out the existing loopholes in the database early, and provide repair instructions
  3. The database firewall system uses authority control and encrypted storage. Users only need ordinary authority to encrypt core data and set access authority.
  4. The database audit system audits all operations of the database, records, analyzes, identifies and determines risks in real time, and provides audit reports

Answer: C

  1. Regarding HTTP features, which of the following descriptions is incorrect ( )
  1. HTTP is connection based
  2. HTTP is generally built on top of the TCP/IP protocol
  3. HTTP protocol default port number is 80
  4. HTTP can be divided into two parts: request and response

Answer: A

  1. Regarding the HTTP request, which of the following descriptions is incorrect ( )
  1. An HTTP request consists of three parts: status line, request header, and request body
  2. The status line is composed of request method, path, protocol, etc., and each element is separated by a space
  3. The request header can provide user agent information
  4. The request body of a POST request is always empty

Answer: D

  1. Regarding the HTTP response, which of the following status code descriptions is incorrect ( )
  1. 1xx: Indicates that the request has been accepted and continues processing
  2. 2xx: Indicates that the request has been processed
  3. 3xx: generally indicates that the client has an error and the request cannot be realized
  4. 5xx: generally a server-side error

Answer: C

  1. Regarding common WEB security vulnerabilities, which of the following descriptions is incorrect ( )
  1. Injection attacks generally occur when untrusted data is sent to the interpreter as part of a command or query
  2. Broken authentication and session management can allow attackers to compromise passwords, keys, session tokens, or exploit other vulnerabilities to impersonate other users
  3. Broken access control refers to the lack of effective restrictions on the operations that authenticated users can perform
  4. A cross-site scripting (XSS) attack can force a logged-in user's browser to send a forged HTTP request, including the victim's session cookie and all other auto-filled authentication information, to a vulnerable web application

Answer: D

  1. Security configuration vulnerability scanning does not include ( )
  1. Check whether the software is updated in time
  2. Detect if unnecessary features are used or installed
  3. Check if the user file is saved
  4. Detect whether error handling mechanisms prevent stack traces

Answer: C

  1. Regarding common WEB access restrictions, which of the following descriptions is incorrect ( )
  1. Restricted access refers to the differentiated control of permissions
  2. Restricting access requires clarifying who can perform which operations on which resources
  3. Users can log in after the shopping order is confirmed; there is no need to log in in advance
  4. A visitor confirmed to be a registered user is still not allowed to access the resources of VIP users or perform related operations

Answer: C

  1. Which of the following login password designs is not easy to crack ( )
  1. The password has fewer than 4 characters
  2. The password consists of your birthday
  3. Use the initial password by default
  4. The password must have at least 8 characters and consist of numbers and letters

Answer: D

  1. Which of the following account lockout designs is unreasonable ( )
  1. As soon as the entered password is detected not to match the actual password, the account is locked immediately
  2. If an account is locked and then automatically unlocked more than twice within a period of time, and the system determines that the attempts all come from the same IP, that IP must be blocked
  3. Mandatory password reset after unlocking
  4. The bank account needs to be manually unlocked by the operator

Answer: A

  1. Which of the following email authentication designs is unreasonable ( )
  1. When a registration is submitted, send an email to the email address entered by the user
  2. When a modification is submitted, send an email to the new email address that was entered
  3. For a new registration, an activation link must be attached to the temporary confirmation email, but this step is not needed at all for modifications after registration
  4. When a modification is submitted, send an email to the old mailbox, explaining that the mailbox has been changed and that the old mailbox will become invalid in the future

Answer: C

  1. Regarding common WEB session management, which of the following descriptions is incorrect ( )
  1. Session is used to mark and track WEB users
  2. If the cookies are different but the SessionID is the same, the session is valid
  3. It is recommended that the SessionID be composed of irregular and sufficiently long numbers, letters, and symbols
  4. It is not recommended to directly process the SessionID in the URL

Answer: B

  1. When a Session is in use, after the Session ID is determined, the next step should be ( )
  1. Confirm whether the browser carries the Session ID
  2. Use this Session ID directly
  3. Regenerate a new Session ID
  4. Assign this Session ID to the browser

Answer: A

  1. Which of the following passwords is not a weak password ( )
  1. 123aaa
  2. Dfsj78jbkpdH3G
  3. admin
  4. guest

Answer: B

  1. Regarding the user name and password, which of the following descriptions is incorrect ( )
  1. The username is the account name used to log in, that is, the identification code on all websites
  2. Mount Everest can be a username
  3. There is no strict and accurate definition of weak passwords. Generally, passwords that are easily guessed by others and cracked by cracking tools are considered to be weak passwords.
  4. The password composed of the user's ID number is not a weak password, because the password is long and difficult to crack

Answer: D

  1. Which of the following weak password types is not a system weak password ( )
  1. FTP weak password
  2. Tomcat weak password
  3. Terminal Services weak password
  4. Telnet weak password

Answer: B

  1. Regarding cryptanalysis, which of the following descriptions is incorrect ( )
  1. A ciphertext-only attack is one in which the cryptanalyst knows the encryption algorithm, holds one or several ciphertexts to be decrypted, and analyzes the intercepted ciphertexts to obtain the plaintext or passwords.
  2. A known-plaintext attack is one in which the cryptanalyst knows the encryption algorithm and holds a piece of plaintext and the corresponding ciphertext, with the purpose of discovering the encryption key
  3. Differential comparison analysis is a kind of chosen-plaintext attack. The cryptanalyst tries to get the opponent to encrypt a group of similar but slightly different plaintexts, and then compares the encrypted results to obtain the encryption key.
  4. If a cryptosystem is resistant to ciphertext-only attacks, then it is certainly resistant to chosen-plaintext and known-plaintext attacks

Answer: D

  1. Regarding password cracking, which of the following descriptions is incorrect ( )
  1. Using a dictionary of 10,000 words can generally guess 70% of the passwords in the system.
  2. There is a password that can never be broken
  3. Using dictionary words with several letters and numbers appended to the end of each word is a combination attack for password cracking
  4. The dictionary file is a list file of passwords that a user may use based on various information of the user

Answer: B

  1. Regarding the hazards of improper software configuration, which of the following descriptions is incorrect ( )
  1. Over time, IT systems and their configurations will inevitably fall into disorder, but it will not cause harm at all
  2. "Misconfigured software" generally does not cause damage by itself, but it can often be exploited by attackers
  3. Improper software configuration can cause extremely serious financial losses
  4. Ongoing changes to the environment's hardware and software may result in information system performance degradation, unplanned downtime, data loss, cybersecurity incidents, and data breaches

Answer: A

  1. Causes of improper software configuration do not include ( )
  1. Server configuration process error
  2. Untested software is deployed into existing business systems
  3. Test the software in a pre-production environment in advance
  4. The existing software environment has not been tested or patched for a long time

Answer: C

  1. The objects that the configuration check function of the Netsor SecVSS 3600 vulnerability scanning system cannot check are ( )
  1. Operating system
  2. Monitoring equipment
  3. Network equipment
  4. Security equipment

Answer: B

  1. Which description of the issues that need attention in security configuration verification is incorrect ( )
  1. Network equipment, host equipment, middleware configuration
  2. Host device, middleware configuration, application configuration
  3. Application configuration, middleware configuration, network management configuration
  4. Intermediate configuration, network equipment, database equipment

Answer: C

  1. Which of the following statements about the security baseline is correct ( )
  1. The security baseline (BaseLine) is a complete security control to maintain the confidentiality, integrity and availability of the information system security, and the information system will be absolutely safe
  2. Security baselines only cover the technical level
  3. The security baseline (BaseLine) is the minimum security guarantee of the system and the most basic security requirement
  4. The security baseline only covers the management level

Answer: C

  1. Which of the following descriptions of the coverage of security baseline and configuration verification is incorrect ( )
  1. password policy
  2. System communication speed
  3. log audit
  4. user account

Answer: B

  1. Which statement about the security baseline and configuration verification based on network communication is incorrect ( )
  1. The firewall should be properly configured to only allow specific hosts to access intranet devices
  2. The firewall provides external services through UDP/TCP protocol for external hosts to access
  3. NTP server, TELNET server, TFTP server, FTP server, SSH server, etc. need to be checked
  4. When the firewall is not in use, configuration verification is completely unnecessary

Answer: D

  1. The baseline configuration verification standard of the Ministry of Industry and Information Technology does not include ( ) requirements.
  1. account password
  2. certified
  3. protocol security
  4. protection software

Answer: D

  1. Which statement about protocol security in the baseline configuration verification standard of the Ministry of Industry and Information Technology is incorrect ( )
  1. Routing policies should be properly configured to prohibit publishing or receiving insecure routing information
  2. For devices with TCP/UDP functions, the traffic irrelevant to the business should be filtered according to the business needs
  3. Security access control should be properly configured on the network border to filter known security attack data packets
  4. When intranet devices use IP protocol for remote maintenance, no encryption is required

Answer: D

  1. Which statement about account management, authentication and authorization in China Mobile's configuration verification standard is incorrect ( )
  1. Different accounts should be allocated according to different users, avoid sharing accounts between different users, and avoid sharing user accounts and accounts used for communication between devices
  2. For devices using static password authentication technology, the lifetime of account passwords is longer than 120 days
  3. Within the device permission configuration capability, configure the minimum permissions required by the user according to the business needs of the user
  4. Reasonable restrictions on remote login by users with super administrator privileges

Answer: B

  1. Which statement about the security protection level of information systems in the configuration verification standard of the Ministry of Public Security is incorrect ( )
  1. With the acceleration of government informatization, the network environment of e-government is becoming more and more complex, and computer terminals have become the weak link in government information security work.
  2. Information security level protection is a basic system of information security guarantee in our country
  3. The security protection level of the information system is only determined by the importance of the information system, and has nothing to do with other factors
  4. The information security level configuration verification standard is in accordance with the national information security level protection standard specification, and the information security level verification standard is tested and evaluated

Answer: C

  1. Which statement about China Telecom's security configuration verification standard is incorrect ( )
  1. Different accounts should be allocated according to different users, avoid sharing accounts between different users, and avoid sharing user accounts and accounts used for communication between devices
  2. For devices using static password authentication technology, the lifetime of the account password is not longer than 90 days
  3. Enable built-in firewall, completely disable third-party protection software
  4. Forced shutdown of local and remote systems is generally only assigned to the Administrators group

Answer: C

  1. Regarding the China Mobile Security Configuration Verification Standard, which statement about the security configuration requirements of the IP protocol is incorrect ( )
  1. The device should support listing the correspondence between the IP service ports open to the outside world and the device's internal processes
  2. The host system considers prohibiting ICMP redirection and adopting static routing
  3. Disable ARP completely
  4. For systems that do not perform routing functions, the packet forwarding function should be turned off reasonably

Answer: C

  1. The large number of network security vulnerabilities announced by the international authoritative organization CERT do not include those in ( )
  1. Operating system
  2. Network equipment
  3. Security equipment
  4. Network management system

Answer: D

  1. The security specifications and network security requirements issued by government departments in recent years do not include ( )
  1. Classification criteria for computer information system security protection
  2. Technical Requirements for Hierarchical Protection of Information Systems Involving State Secrets
  3. Ministry of Public Security Cyber Security Guidelines
  4. National Security Law

Answer: C

  1. Vulnerability scanning requirements of Internet companies do not include ( )
  1. Establish a sound vulnerability management and risk assessment system
  2. Quickly discover the possible risks of internal assets
  3. Ensuring that companies meet compliance requirements
  4. Improve operation and maintenance efficiency

Answer: D

  1. Which statement about the architecture of the Netsor SecVSS 3600 vulnerability scanning system is incorrect ( )
  1. The Netsor SecVSS 3600 vulnerability scanning system is based on its own SecOS network operating system
  2. The Netsor SecVSS 3600 vulnerability scanning system uses a rule base based on script plug-ins to perform black-box testing on the target system
  3. Netsor SecVSS 3600 vulnerability scanning system is a penetration deployment product
  4. The targets that Netsor SecVSS 3600 vulnerability scanning system can detect include operating systems, databases, network devices, firewalls and other products

Answer: C

  1. Which of the following is incorrect about the solution advantages of the Netsor SecVSS 3600 vulnerability scanning system ( )
  1. The Netsor SecVSS 3600 vulnerability scanning system can efficiently call multiple core processors to scan vulnerabilities in parallel to improve product scanning performance
  2. Netsor SecVSS 3600 vulnerability scanning system can completely avoid WEB attacks
  3. The configuration check function of the Netsor SecVSS 3600 vulnerability scanning system is mainly to check the configuration of the operating system, database, network equipment and other systems, and check whether the configuration meets the standards
  4. The Netsor SecVSS 3600 vulnerability scanning system also provides test scans for the simplest and most brute-force denial-of-service attacks, improving the ability of operating systems, hardware devices, and website services to withstand attacks under heavy traffic pressure

Answer: B

  1. Which statement about the Netsor SecVSS 3600 vulnerability scanning system is incorrect ( )
  1. Netsor SecVSS 3600 Vulnerability Scanning System conducts penetration testing for traditional operating systems
  2. Netsor's SecVSS 3600 vulnerability scanning system can prevent hacker attacks from happening
  3. Netsor SecVSS 3600 Vulnerability Scanning System also has unique features for web security
  4. The Netsor SecVSS 3600 vulnerability scanning system has a built-in weak password dictionary, which can test whether passwords are weak

Answer: B

  1. The traditional operating systems covered by the Netsor SecVSS 3600 vulnerability scanning system do not include ( )
  1. Windows
  2. IOS
  3. Unix
  4. Linux

Answer: B

Origin blog.csdn.net/weixin_62757215/article/details/130257641