[多选题]A new web application is being deployed Mutual SSL authentication must be used to authenticate clients.
Which of the following two tasks must be completed to meet the requirements? (Choose two)
A. configure the server SSL profile with "Client Certificate" Set to require
B. configure the client SSL profile with "Client Certificate" set to require
C. instruct the desktop team to update the web browser to the most recent release
D. generate a CSR to register a certificate with the CA
E. configure the client SSL profile with the Trusted .Certificate Authorities

[单选题]A web server is being overloaded with HTTPS traffic. To decrease the load on the server, the LTM Specialist and the Server. Administrator decide to perform SSL offloading on the LTM device. The configuration of the virtual server is as follows:
Which change must be made to the configuration to perform SSL offloading?
A. Remove the clientssl and http profiles
B. Remove the clients profile
C. Remove the clientssl and serverssl profiles
D. Remove the severssl profile

[单选题]An SSL application is being migrated to the LTM device. Both encrypted and unencrypted traffic are
Accepted by the server. The virtual server configuration is as follows:
Which LTM device profile should be used on the LTM device to reduce the CPU load on the current.
A. Protocol
B. serverssl
C. clientsssl
D. stream

[单选题] ( ) is a fact that English is being accepted as an international language.
A. There
B. This
C. That
D. It

[多选题]移动云Web应用防护产品可有效应对常见Web应用威胁，包括（）。
A.SQL注入;
B.XSS注入;
C.跨站请求伪造攻击;
D.ETP攻击
E.略
F.略
G.略

[单选题]An application is being load balanced through the LTM device using the configuration displayed below. The network has been re-engineered to NAT all client connection. As a result, all client connections are hitting the same pool member.
Which changes should the LTM Specialist make in order to restore load balancing functionality wile
Maintaining session persistence?
A. Change the virtual server type to Standard, add an http profile, and change the persistence profile to Destination Address
B. Leave the virtual server type set Performance (Layer 4) and change the persistence type to hash
C. Change the virtual serer type to Forwarding (Layer 4) and leave the persistence type to hash source
Address
D. Change the virtual server to Standard add an http profile, and change the persistence profile to Cookie persistence

[判断题]Web 界面可以通过 SSL 加密用户名和密码，非 Web 的图形界面如果既没有内部加密，也没有 SSL, 可以使用隧道解决方案，如 SSH。
A.正确
B.错误

[多选题]在WEB服务器上上传webshell,有时会要用到解析漏洞,以下是攻击者在相应的web服务器上,上传的文件名字,有可能利用成功的是(假设服务器的解析漏洞存在)(____)。
A. apache服务器,上传文件名为1.php.gif
B. apache服务器,上传文件名为 1.php.rar
C. IIS7.0服务器,在asp.asp目录下上传了1.jpg文件
D. IIS6.0服务器,上传了1.asp;.jpg文件

[单选题]与Web站点和Web页面密切相关的一个概念称"统一资源定位器"，它的英文缩写是____。
A.UPS
B.USB
C.ULR
D.URL

[单选题]Being poor makes many people sad. But in the case of my father, it influences him ____ .
A. otherwise
B. equally
C. suitably
D. additionally

[简答题]He has never been away from home. So being homesick is a_________ new to him.

[简答题]Drivers are being warned that an escaped __________has been seen on the way to Paris.

[多选题] 在Web体系结构中，Web中间件可能存在以下哪些类型的属洞( )。
A.配置缺陷
B.插件漏洞
C.文件上传和解析漏洞
D.越权漏洞

[单选题]在WEB应用攻击中,直接攻击访问WEB应用的客户端的攻击手段是( )
A.暴力破解
B.越权访问(逻辑漏洞)
C.SQL注入攻击
D.跨站脚本攻击

[单选题]WAF的WEB安全功能主要通过WEB攻击防护、敏感数据防泄漏、网页防篡改来实现。
A. 对
B. 错

[单选题]为增强 Web 应用程序的安全性，某软件开发经理决定加强 Web 软件安全开发培训， 下面哪项内容不在考虑范围内
A.关于网站身份鉴别技术方面安全知识的培训
B.针对 OpenSSL 心脏出血漏洞方面安全知识的培训
C.针对 SQL 注入漏洞的安全编程培训
D.关于 ARM 系统漏洞挖掘方面安全知识的培训

[单选题]为增强 Web 应用程序的安全性，某软件开发经理决定加强 Web 软件安全开发培训，
下面哪项内容不在考虑范围内
A.关于网站身份鉴别技术方面安全知识的培训
B.针对 OpenSSL 心脏出血漏洞方面安全知识的培训
C.针对 SQL 注入漏洞的安全编程培训
D.关于 ARM 系统漏洞挖掘方面安全知识的培训

[判断题]调控云平台服务层PaaS应支持Web应用的健康状况监控，可监控Web服务器的健康状况，包括但不限于应用的CPU、内存等，对不健康的应用触发日志告警。
A.正确
B.错误

[单选题]Internet上,访问Web信息时用的工具是浏览器。下列____就是目前常用的Web浏览器之一。
A.Internet Explorer
B.Outlook Express
C.Yahoo
D.FrontPage