2017上半年信息安全工程師上午真題試題解析第71-75題
71-75、There are different ways to perform IP based DoS Attacks. The most common IP based DoS attack is that an attacker sends an extensive amount of connection establishment （1）(e.g. TCP SYN requests) to establish hanging connections with the controller or a DPS. Such a way, the attacker can consume the network resources which should be available for legitimate users. In other （2）, the attacker inserts a large amount of （3）packets to the data plane by spoofing all or part of the header fields with random values. These incoming packets will trigger table-misses and send lots of packet-in flow request messages to the network controller to saturate the controller resources. In some cases, an （4）who gains access to DPS can artificially generate lots of random packet-in flow request messages to saturate the control channel and the controller resources. Moreover, the lack of diversity among DPSs fuels fuels the fast propagation of such attacks.
Legacy mobile backhaul devices are inherently protected against the propagation of attacks due to complex and vendor specific equipment. Moreover, legacy backhaul devices do not require frequent communication with core control devices in a manner similar to DPSs communicating with the centralized controller. These features minimize both the impact and propagation of DoS attacks. Moreover, the legacy backhaul devices are controlled as a joint effort of multiple network element. For instance, a single Long Term Evilution（LTE）eNodeB  is connected up to 32 MMEs. Therefore, DoS/DDoS attack on a single core element will not terminate the entire operation of a backhaul device（5）the net work.
（1）A.message  B、information  C、requests  D、data
（2）A.methods  B、cases       C、hands    D、sections
（3）A.bad      B、real        C、fake      D、new
（4）A.user     B、administrator  C、editor   D、attacker
（5）A.or       B、of          C、in        D、to
信管網(wǎng)解析：
譯文：
有許多種方法去執(zhí)行基于IP的DoS攻擊。最常見的基于IP的DoS攻擊的一種方式是攻擊者發(fā)送廣泛數(shù)量的連接請求（例如TCP SYN請求）用控制器或者數(shù)據(jù)從處理系統(tǒng)去建立懸掛連接。攻擊者能毀滅可以被合法用戶利用的網(wǎng)絡資源。在其他情況下，攻擊者添加了大量的偽裝數(shù)據(jù)包，這些傳入信息包將觸發(fā)，并向網(wǎng)絡控制器發(fā)送大量的packein流請求消息這些進入的工作包會引發(fā)table-misses 和發(fā)送許多packet-in 請求信息到網(wǎng)絡控制器使控制器資源飽和。在有些情況中，攻擊者獲得進入DPS可以獲得許多工作包請求信息去滲透控制渠道和控制器資源。此外，DPS多樣性的缺乏會激起最快的攻擊擴散。
移動回程設備是固有的可以阻止由于復雜和特定供應商設備攻擊的傳播。此外，遺留的回程設備不需要頻繁地與核心控制設備進行通信，類似于DPS與集中式控制器通信的方式。這些特性最小化了DoS攻擊的影響和傳播。此外，移動回程設備被控制為多個網(wǎng)絡元素的共同努力。例如，一個單一的長時間的清除(LTE)eNodeB連接到32個MMEs。因此，DoS / DDoS攻擊一個單一的核心元素不會終止網(wǎng)絡工作的一個回程裝置的整個操作。
拒絕服務攻擊概述：http://m.xiexiliangjiufa.com/pm1/62286.html
信管網(wǎng)參考答案：C、B、C、D、B
點擊查看：2017上半年信息安全工程師上午綜合知識真題