信息安全工程师当天每日一练试题地址：www.cnitpm.com/exam/ExamDay.aspx?t1=6

往期信息安全工程师每日一练试题汇总：www.cnitpm.com/class/27/e6_1.html

信息安全工程师每日一练试题（2020/5/12）在线测试：www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/5/12

点击查看：更多信息安全工程师习题与指导

信息安全工程师每日一练试题内容（2020/5/12）

试题1：

在一个分布式环境中，以下哪一项能够最大程度减轻服务器故障的影响？（）
A.冗余路径
B.(服务器)集群
C.拨号备份链路
D.备份电源

试题解析与讨论：www.cnitpm.com/st/2618918436.html
试题参考答案：B

试题2：

在冗余磁盘陈列中，以下不具有容错技术的是（）
A、RAID 0
B、RAID 1
C、RAID 3
D、RAID 5

试题解析与讨论：www.cnitpm.com/st/2645717998.html
试题参考答案：A

试题3： During a security audit of IT processes, an IS auditor found that there were no documented security procedures. The IS auditor should: 
A、create the procedures document. 
B、terminate the audit. 
C、conduct compliance testing. 
D、identify and evaluate existing practices. 
试题解析与讨论：www.cnitpm.com/st/2955220511.html
试题参考答案：D

试题4： When implementing an IT governance framework in an organization the MOST important objective is: 
A、IT alignment with the business. 
B、accountability. 
C、value realization with IT. 
D、enhancing the return on IT investments. 
试题解析与讨论：www.cnitpm.com/st/2919426966.html
试题参考答案：A

试题5： An IS auditor noted that an organization had adequate business continuity plans (BCPs) for each individual process, but no comprehensive BCP. Which would be the BEST course of action for the IS auditor? 
A、Recommend that an additional comprehensive BCP be developed. 
B、Determine whether the BCPs are consistent. 
C、Accept the BCPs as written. 
D、Recommend the creation of a single BCP. 
试题解析与讨论：www.cnitpm.com/st/294206479.html
试题参考答案：B

试题6： Which of the following is the PRIMARY advantage of using computer forensic software for investigations? 
A、The preservation of the chain of custody for electronic evidence 
B、Time and cost savings 
C、Efficiency and effectiveness 
D、Ability to search for violations of intellectual property rights 
试题解析与讨论：www.cnitpm.com/st/2979018681.html
试题参考答案：A

试题7： The implementation of access controls FIRST requires: 
A、a classification of IS resources. 
B、the labeling of IS resources. 
C、the creation of an access control list. 
D、an inventory of IS resources. 
试题解析与讨论：www.cnitpm.com/st/2937124471.html
试题参考答案：D

试题8： 以下关于NAT的说法中，错误的是（）
A.NAT允许一个机构专用Intranet中的主机透明的连接到公共域中的主机，五需每台内部主机都拥有注册的（已经越来越缺乏的）全局互联网地址
B.静态NAT是设置起来最简单和最容易实现的一种地址转换方式，内部网络中的每个主机都被永久映射成外部网络中的某个合法地址
C.动态NAT主要应用于拨号和频繁的远程连接，当远程用户连接上之后，动态NAT就会分配给用户一个IP地址，当用户断开时，这个IP地址就会被释放而留待以后使用
D.动态NAT又叫网络端口转换NAPT试题解析与讨论：www.cnitpm.com/st/327091424.html
试题参考答案：D

试题9： The use of object-oriented design and development techniques would MOST likely: 
A、facilitate the ability to reuse modules. 
B、improve system performance. 
C、enhance control effectiveness. 
D、speed up the system development life cycle. 
试题解析与讨论：www.cnitpm.com/st/295177699.html
试题参考答案：A

试题10： Which of the following BEST restricts users to those functions needed to perform their duties? 
A、Application level access control 
B、Data encryption 
C、Disabling floppy disk drives 
D、Network monitoring device 
试题解析与讨论：www.cnitpm.com/st/2968325592.html
试题参考答案：A