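Network security problems arise from different environments and applications, and network security training is carried out to better prevent them. Below are network security training exam questions shared by the editor; we hope they are helpful.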
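True/False Questions
1. For uploads, checking the file extension and checking the file type are the same security check mechanism. (×) (The extension can be forged.)
2. Government websites still face serious threats, and local government websites have become the "hardest-hit area". (√)
3. Web vulnerability discovery approaches are mainly divided into black-box mode and white-box mode. (√)
Black box: also called functional testing, data-driven testing, or specification-based testing; it tests rigorously by exercising the whole software or a particular software function.
4. XSS (cross-site scripting) vulnerabilities mainly affect client-side browsing users. (√) Cross Site Scripting: exploiting a website vulnerability to maliciously steal information from users.
5. DDOS refers to a centralized denial-of-service attack. (×)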
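Short-Answer Questions
1. Briefly describe the difference between DOS and DDOS:
Answer: DOS is short for Denial of Service. In the early days of networking, a high-spec device was used to attack a low-spec device, causing the attacked device to crash.
DDOS is short for Distributed Denial of Service. As technology advanced and the specifications of IT equipment grew rapidly, the DOS approach stopped working well, which gave rise to distributed DOS. Figuratively: if I cannot beat you on my own, I can call over several brothers to beat you, or hire many thugs (that is, control many zombie machines). Such an attack is DDOS.
2. In which aspects are the basic properties of information security mainly reflected?
Answer: (1) Integrity (2) Confidentiality (3) Availability (4) Non-repudiation (5) Controllability
3. In what aspects do PMI and PKI mainly differ?
Answer: PKI proves who the user is, and stores the user's identity information in the user's public key certificate;
PMI proves what permissions and attributes the user has and what the user can do, and stores the user's attribute information in an authorization certificate.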
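Single-Choice Questions
1. When a page resource requested from a website does not exist, the HTTP status code that appears is ___D___
A. 200 B. 302 C. 401 D. 404
Status code: a 3-digit number used to indicate the HTTP response status of a web server.
302: The requested resource is now temporarily responding to the request from a different URI.
401: Bad Request. The semantics are wrong and the current request cannot be understood by the server. The client should not resubmit this request unless it is modified.
404: Not Found. The request failed; the requested resource was not found on the server.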
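2. Which of the following is not a type of hacker underground industry chain? ___C___
A. Real-asset theft underground industry chain
B. Internet resource and service abuse underground industry chain
C. Mobile Internet finance industry chain
D. Online virtual-asset theft underground industry chain
Note: it does not contain the keyword "underground industry chain".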
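3. Many hacker attacks exploit buffer overflow vulnerabilities in software implementations. What is the most reliable solution to this? ___C___
(A) Install a firewall (B) Install an intrusion detection system (C) Install the latest patches on the system (D) Install antivirus software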
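4. Which of the following tools is routinely used to scan for web vulnerabilities? ___A___
A. IBM APPSCAN
B. Nessus: currently the most widely used system vulnerability scanning and analysis software in the world
C. NMAP: Network Mapper, a network scanning and sniffing toolkit for Linux
D. X-SCAN: produced by the Chinese group 安全焦点 (Security Focus); uses multithreading to check a specified IP address range (or a single host) for security vulnerabilities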
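5. Which of the following is not a technique used by hackers during the footprinting (information gathering) stage of an intrusion? ___D___
A. Reasonable use and analysis of public information
B. IP and domain name information collection
C. Host and system information collection
D. Using sqlmap to verify whether a SQL injection vulnerability exists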
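6. What is the difference between a regular port scan and a half-open scan? ___B___
A. There is no difference
B. The three-way handshake is not completed; the ACK step is missing
C. Half-open scanning uses UDP
D. The scanning accuracy differs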
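7. Which of the following is not a harm of XSS (cross-site scripting) vulnerabilities? ___C___
A. Phishing
B. Identity theft
C. SQL data leakage
D. Website trojan planting
Cross-site scripting attacks (also called XSS) exploit website vulnerabilities to maliciously steal information from users.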
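8. Which of the following is not a commonly used security check mechanism for upload functionality? ___D___
A. Client-side check mechanism: JavaScript validation
B. Server-side MIME check validation
C. Server-side file extension check validation mechanism
D. Whether the URL contains certain special tags: <, >, script, alert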
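9. When the number of visitors to a web server exceeds its designed visitor limit, the HTTP status code that may appear is: ___B___
A. 200 OK: The request succeeded; the response headers or data body the request asked for are returned with this response.
B. 503 Service Unavailable: Because of temporary server maintenance or overload, the server currently cannot handle the request.
C. 403 Forbidden: The server understood the request but refuses to carry it out.
D. 302 Move temporarily: The requested resource is now temporarily responding to the request from a different URI.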
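10. Which of the following is not a characteristic of APT attacks? ___D___
A. Clear target
B. Strong persistence
C. Diverse methods
D. Attacks are rare
APT: advanced persistent threat. A form of attack that uses advanced attack techniques to carry out long-term, sustained network attacks against a specific target. Its "advanced" nature is mainly reflected in the fact that, before launching an attack, an APT needs to precisely gather information on the target's business processes and target systems.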