複選題

2. Which of the following could make a web application vulnerable to an XSS attack? (hoose two.)
(A) Weak encryption algorithm
(B) Use of Flash, VBScript, or JavaScript
(C) Malformed HTML requests
(D) Malformed TCP segments

1. Which of the following web application attacks are caused by compromising a vulnerable web site and uploading malicious code or using malicious links to get a user's sensitive information?(A)CSRF attack(B) XSS attack(C) Injection attack(D) Defacing attack

3. Which of the following are small files located on a host that contain session information about visited web sites?(A)Cookies(B) html files(C) Session keys(D) Applets

4. What types of applications do local shared objects support?(A)Java applets(B) Operating system executable files(C) Microsoft Office content(D) Adobe Flash content

5.ll of the following are mitigations against HTML attachment attacks, except:(A) Stripping e-mail attachments containing HTML files(B) Encrypting HTML attachments during transmission(C) Preventing Internet connections from HTML attachments(D) Cautioning users not to click HTML attachments

6. Manipulating______________is one way to embed malicious commands and directives into HTTP traffic sent back and forth between a client and web server.(A)request packets(B) response segments(C) HTTP headers(D) flash cookies

7. Which network device is used to send traffic to different physical networks, based upon logical addressing? (A)Router (B) Switch (C) Load balancer (D) Firewall

8. Which type of device is used to provide network protection and security bypreventing hosts from connecting to the organization's infrastructure unless they meetcertain criteria?(A)Switch(B) NAT device(C) Firewall(D) NAC device

9. You need to install a new network for a customer, and you are looking at different ways to design the perimeter network and entry points. You determine that you will need a firewall, border router, and two separate network segments off of the firewall for Internet-accessible-servers. Which one of the following architectures best describes your network design? (A)Bastion host (B) VLAN (C) DMZ (D) Subnetwork

10. Which of the following statements is true about subnetting?(A)Adding network bits to the subnet mask creates more networks but fewer hosts.(B) Adding network bits to the subnet mask creates more networks and hosts.(C) Adding host bits to the subnet masks creates more networks but fewer hosts.(D) Adding host bits to the subnet masks creates more hosts and networks.

11.ll of the following characteristics describe VLANs, except: (A) VLANs require routing between them. (B) VLANs separate hosts into logical networks. (C) VLANs can be used to apply security policies and filtering to different segments. (D) VLANs allow any host plugged into the switch to become a member of the virtual segment.

114年 - 114 教育部公費留學考試試題：資訊安全概論#135195

113年 - [無官方正解]113 國立清華大學_碩士班考試入學試題:資訊安全#130695

113年 - 113 教育部公費留學考試試題：資訊安全概論#125716

112年 - [無官方正解]112 國立清華大學碩士班考試入學試題_資訊安全研究所：資訊安全#130782

112年 - 112 教育部公費留學考試試題：資訊安全概論#125717

111年 - [無官方正解]111 國立清華大學碩士班考試入學試題_資訊安全研究所：資訊安全#130742

111年 - 111 教育部_公費留學考試：資訊安全概論#125712

110年 - [無官方正解]109 國立清華大學_碩士班考試入學試題_資訊安全研究所：資訊安全#130996

110年 - 110 教育部公費留學考試試題：資訊安全概論#125719

110年 - 110 國立清華大學碩士班考試入學試題_資訊安全研究所:資訊安全#105636