信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2020/5/20)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/5/20
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2020/5/20)
试题
1:
以下对于蠕虫病毒的说法错误的是:()
A.通常蠕虫的传播无需用户的操作
B.蠕虫病毒的主要危害体现在对数据保密性的破坏
C.蠕虫的工作原理与病毒相似,除了没有感染文件阶段
D.是一段能不以其他程序为媒介,从一个电脑系统复制到另一个电脑系统的程序
试题解析与讨论:
www.cnitpm.com/st/2737516641.html试题参考答案:B
试题
2: A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted?
A、Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP).
B、A digital signature with RSA has been implemented.
C、Digital certificates with RSA are being used.
D、Work is being completed in TCP services.
试题解析与讨论:
www.cnitpm.com/st/2979922110.html试题参考答案:A
试题
3: Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program?
A、A system downtime log
B、Vendors' reliability figures
C、Regularly scheduled maintenance log
D、A written preventive maintenance schedule
试题解析与讨论:
www.cnitpm.com/st/2936924981.html试题参考答案:A
试题
4: The PRIMARY objective of an audit of IT security policies is to ensure that:
A、they are distributed and available to all staff.
B、security and control policies support business and IT objectives.
C、there is a published organizational chart with functional descriptions.
D、duties are appropriately segregated.
试题解析与讨论:
www.cnitpm.com/st/2965910699.html试题参考答案:B
试题
5: Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy?
A、Users should not leave tokens where they could be stolen
B、Users must never keep the token in the same bag as their laptop computer
C、Users should select a PIN that is completely random, with no repeating digits
D、Users should never write down their PIN
试题解析与讨论:
www.cnitpm.com/st/2983524679.html试题参考答案:D
试题
6: In an online banking application, which of the following would BEST protect against identity theft?
A、Encryption of personal password
B、Restricting the user to a specific terminal
C、Two-factor authentication
D、Periodic review of access logs
试题解析与讨论:
www.cnitpm.com/st/292117052.html试题参考答案:C
试题
7:
制定数据备份方案时,需要考虑的两个因素为适合的备份时间和()
A、备份介质
B、备份的存储位置
C、备份数据量
D、恢复数据的最大允许时间
试题解析与讨论:
www.cnitpm.com/st/2729322567.html试题参考答案:D
试题
8: 以下恶意代码中,属于宏病毒的是()
A. Macro.Melissa
B. Trojian.huigezi.a
C. Worm.Blaster.g
D. Backdoor.Agobot.frt
试题解析与讨论:
www.cnitpm.com/st/327144885.html试题参考答案:A
试题
9: Accountability for the maintenance of appropriate security measures over information assets resides with the:
A、security administrator.
B、systems administrator.
C、data and systems owners.
D、systems operations group.
试题解析与讨论:
www.cnitpm.com/st/2933513112.html试题参考答案:C
试题
10:
口令是验证用户身份的最常用手段,以下哪一种口令的潜在风险影响范围最大?()
A、长期没有修改的口令
B、过短的口令
C、两个人公用的口令
D、设备供应商提供的默认口令
试题解析与讨论:
www.cnitpm.com/st/2646727870.html试题参考答案:D