信息安全工程师当天每日一练试题地址:http://www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:http://www.cnitpm.com/class27-6-1.aspx
信息安全工程师每日一练试题(2017/4/28)在线测试:http://www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2017/4/28
信息安全工程师每日一练试题内容(2017/4/28)
试题
1:
实现VPN的关键技术主要有隧道技术、加解密技术、 ( ) 和身份认证技术。
A、入侵检测技术
B、病毒防治技术
C、安全审计技术
D、密钥管理技术
试题解析与讨论:
http://www.cnitpm.com/st/79322731.html试题参考答案:D
试题
2: 下面关于防火墙的说法中,正确的是()。
A、防火墙可以解决来自内部网络的玫击
B、防火墙可以防止受病毒感染的文件的传输
C、防火墙会减弱计算机网络系统的性能
D、防火墙可以防止错误配置引起的安全威胁
试题解析与讨论:
http://www.cnitpm.com/st/1280023455.html试题参考答案:C
试题
3:
通过向被攻击者发送大量的ICMP 回应请求,消耗被攻击者的资源来进行响应,直至被攻击者再也无法处理有效的网络信息流时,这种攻击称之为:()
A.Land 攻击
B.Smurf 攻击
C.Ping of Death 攻击
D.ICMP Flood
试题解析与讨论:
http://www.cnitpm.com/st/257053690.html试题参考答案:D
试题
4:
TCP采用第三次握手来建立一个连接,第二次握手传输什么信息:()
A、SYN
B、SYN+ACK
C、ACK
D、FIN
试题解析与讨论:
http://www.cnitpm.com/st/2653229997.html试题参考答案:B
试题
5: Which of the following ensures a sender's authenticity and an e-mail's confidentiality?
A、Encrypting the hash of the message with the sender's private key and thereafter encrypting the hash of the message with the receiver's public key
B、The sender digitally signing the message and thereafter encrypting the hash of the message with the sender's private key
C、Encrypting the hash of the message with the sender's private key and thereafter encrypting the message with the receiver's public key
D、Encrypting the message with the sender's private key and encrypting the message hash with the receiver's public key
试题解析与讨论:
http://www.cnitpm.com/st/2914917443.html试题参考答案:C
试题
6: Which of the following is a mechanism for mitigating risks?
A、Security and control practices
B、Property and liability insurance
C、Audit and certification
D、Contracts and service level agreements (SLAs)
试题解析与讨论:
http://www.cnitpm.com/st/2935124534.html试题参考答案:A
试题
7: When two or more systems are integrated, input/output controls must be reviewed by an IS auditor in the:
A、systems receiving the output of other systems.
B、systems sending output to other systems.
C、systems sending and receiving data.
D、interfaces between the two systems.
试题解析与讨论:
http://www.cnitpm.com/st/2973726678.html试题参考答案:C
试题
8: Integrating business continuity planning (BCP) into an IT project aids in:
A、the retrofitting of the business continuity requirements.
B、the development of a more comprehensive set of requirements.
C、the development of a transaction flowchart.
D、ensuring the application meets the user's needs.
试题解析与讨论:
http://www.cnitpm.com/st/297596764.html试题参考答案:B
试题
9: 信息系统审计师在进行审计时发现存在病毒,后续步骤应为?()
A、观察反应机制
B、从网络上清除病毒
C、立刻通知相关人员
D、确保病毒被清除
试题解析与讨论:
http://www.cnitpm.com/st/3011917555.html试题参考答案:C
试题
10: 当检查信息系统战略时,信息系统审计师要评价信息系统战略是否支持组织的业务目标,最好通过判断信息系统是否:
A、有所有必需的人员和设备
B、计划跟管理战略相一致
C、有效率地和有效地使用了设备和人员
D、有足够充裕的能力去应对变化的形势
试题解析与讨论:
http://www.cnitpm.com/st/301598200.html试题参考答案:B