21. A buffer overflow attack was launched against one of your Windows-based web servers. You'd like to know what process was affected on the server itself. Where might you look for clues as to what process was affected?
(A) Access log
(B) Application log
(C) Security log
(D) Setup log

1. What is the primary different between a proxy and a firewall? (A) A proxy allows access, while a firewall denies access. (B) A firewall uses a hardened operating system, while a proxy does not. (C) A proxy makes application-level requests on behalf of internal users, while a firewall typically just passes through authorized traffic. (D) A firewall is capable of successfully performing Network Address Transaction for internal clients, while a proxy is forced to reveal internal addressing schemes.

2. Why is it important for a web application firewall to perform SSL inspection? (A) A lack of SSL inspection would allow a channel of threats past the firewall. (B) SSL is only used when you know you are under attack. (C) Inspecting the SSL traffic assists with load balancing. (D) None of the above.

3. Why is delay-based filtering effective against spam? (A) Spam generators will not send spam if they cannot do it immediately. (B) Spam generators do not wait for the SMTP banner. (C) Spam generators are poorly behaved and will quickly move on to the next server. (D) Spam generators has a very short TTL value.

4. 802.1x defines the encapsulation of EAP. What is EAP? (A) Extensible Autonomous Protocol (B) Extensible Authentication Protocol (C) Extended Authentication Protocol (D) Encapsulation Authentication Protocol

5. In ACLs, an implicit deny will apply to network traffic that: (A) Matches two or more rules in the ACL. (B) Does not match any entry in the ACL. (C) Originates from inside the DMZ. (D) Comes from a poofed source address.

6. What is a threat to VPN over open wireless? (A) Hackers can sniff all the VPN packets and decrypt them. (B) The user must connect to the open wireless before starting VPN, allowing an attacker a potential window of time to compromise the machine. (C) A certificate could be faked, allowing access into the corporate server. (D) All of the above.

7. Which of the following is not a commonly used file-hashing algorithm? (A) SHA-224 (B) SHA-256 (C) SHA-512 (D) TLS

8. Which of the following techniques is most likely to be employed by a credit card company looking for fraudulent transactions? (A) Big data analysis (B) Network forensics (C) Script mining (D) Drive imaging

9. What is a zero-day exploit? (A) A piece of malicious code that attaches itself to another piece of code in order to replicate. (B) An attack that exploits a previously unknown vulnerability. (C) A piece of software that appears to avoid one service but that also hides another purpose. (D) Malware specifically designed to modify the operation of the operating system.

複選題10. Which of the following correctly defines phishing? (A) The use of social engineering to trick a user into responding to an e-mail to initiate a malware-based attack. (B) The use of social engineering to talk someone into revealing credentials. (C) The hacking of computer systems and networks associated with the phone company. (D) Looking over the shoulder or using a camera to view a user entering sensitive data.

114年 - 114 教育部公費留學考試試題：資訊安全概論#135195

113年 - [無官方正解]113 國立清華大學_碩士班考試入學試題:資訊安全#130695

113年 - 113 教育部公費留學考試試題：資訊安全概論#125716

112年 - [無官方正解]112 國立清華大學碩士班考試入學試題_資訊安全研究所：資訊安全#130782

112年 - 112 教育部公費留學考試試題：資訊安全概論#125717

111年 - [無官方正解]111 國立清華大學碩士班考試入學試題_資訊安全研究所：資訊安全#130742

111年 - 111 教育部_公費留學考試：資訊安全概論#125712

110年 - [無官方正解]109 國立清華大學_碩士班考試入學試題_資訊安全研究所：資訊安全#130996

110年 - 110 教育部公費留學考試試題：資訊安全概論#125719

110年 - 110 國立清華大學碩士班考試入學試題_資訊安全研究所:資訊安全#105636