免费注册 查看新帖 |

Chinaunix

  平台 论坛 博客 文库
最近访问板块 发新帖
查看: 3354 | 回复: 1
打印 上一主题 下一主题

一日两题 答案稍后贴出 [复制链接]

论坛徽章:
0
跳转到指定楼层
1 [收藏(0)] [报告]
发表于 2002-08-02 00:13 |只看该作者 |倒序浏览
1。As a security professional, you are asked to put a \"living documents\" into place for the organization that will help the security department (with the help of upper management) to enforce certain aspects of security in that organization. What is this \"living document\" called? \r\nA.        Orange Book\r\nB.        Security Policy \r\nC.        Rainbow series \r\nD.        Red Book\r\n\r\n2。You are the Security consultant for your organization. Many DDoS Attackers are being launched from your web server on the DMZ. From the list below, your web server has become what type of item to the Cracker who launched this offensive? \r\nA.        A Bastion Attacker \r\nB.        A Zombie \r\nC.        A DMZ bomb \r\nD.        A Gorgon

论坛徽章:
0
2 [报告]
发表于 2002-08-03 23:39 |只看该作者
Answer for Question 1.\r\nB. Security Policy\r\nExplanation: In business, a security policy is a document that states in writing how a company plans to protect the company\'s physical and information technology (IT) assets. A security policy is often considered a \"living document\", meaning that the document is never finished, but is continuously updated as technology and employee requirements change. A company\'s security policy may include an acceptable use policy, a description of how the company plans to educate its employees about protecting the company\'s assets, an explanation of how security measurements will be carried out and enforced, and a procedure for evaluating the effectiveness of the security policy to ensure that necessary corrections will be made. \r\n\r\nAnswer for Question 2\r\ncorrect Answer is B\r\nExplanation: A computer that has been implanted with a daemon that puts it under the control of a malicious hacker without the knowledge of the computer owner. Zombies are used by malicious hackers to launch DoS attacks. The hacker sends commands to the zombie through an open port. On command, the zombie computer sends an enormous amount of packets of useless information to a targeted Web site in order to clog the site\'s routers and keep legitimate users from gaining access to the site. The traffic sent to the Web site is confusing and therefore the computer receiving the data spends time and resources trying to understand the influx of data that has been transmitted by the zombies. Compared to programs such as viruses or worms that can eradicate or steal information, zombies are relatively benign as they temporarily cripple Web sites by flooding them with information and do not compromise the site\'s data. Such prominent sites as Yahoo, Amazon and CNN.com were brought down in 2000 by zombie DoS attacks.
您需要登录后才可以回帖 登录 | 注册

本版积分规则 发表回复

  

北京盛拓优讯信息技术有限公司. 版权所有 京ICP备16024965号-6 北京市公安局海淀分局网监中心备案编号:11010802020122 niuxiaotong@pcpop.com 17352615567
未成年举报专区
中国互联网协会会员  联系我们:huangweiwei@itpub.net
感谢所有关心和支持过ChinaUnix的朋友们 转载本站内容请注明原作者名及出处

清除 Cookies - ChinaUnix - Archiver - WAP - TOP