信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2020/6/8)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/6/8
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2020/6/8)
试题
1:
通过网页上的钓鱼攻击来获取密码的方式,实质上是一种:()
A.社会工程学攻击
B.密码分析学
C.旁路攻击
D.暴力破解攻击
试题解析与讨论:
www.cnitpm.com/st/2732610921.html试题参考答案:A
试题
2:
下列保护系统账户安全的措施中,哪个措施对解决口令暴力破解无帮助?()
A.设置系统的账户锁定策略,在用户登录输入错误次数达到一定数量时对账户进行锁定
B.更改系统内置管理员的用户名
C.给管理员账户一个安全的口令
D.使用屏幕保护并设置返回时需要提供口令
试题解析与讨论:
www.cnitpm.com/st/2708919890.html试题参考答案:D
试题
3: Network security starts from( 1 )any user, most likely a username and a password. Once authenticated, a stateful firewall enforces ( 2 )such as what services are allowed to be accessed by network users. Though effective to prevent unauthorized access, this component fails to check potentially harm contents such as computer worms being transmitted over the network. An intrusion prevention system (IPS)helps detect and prevent such malware. ( 3 )also monitors suspicious network affic for contents, volume and anomalies to protect the network from attacks such as denial of service. Communication between two hosts using the network could be encrypted to maintain privacy. Individual events occurring on the network could be tracked for audit purposes and for a later high level analysis.
( 4 ), essentially decoy network-accessible resources, could be deployed in a network as surveillance and early-warning tools. Techniques used by the attackers that attempt to compromise these decoy resources are studied during and after an attack to keep an eye on new exploitation techniques. Such analysis could be used to further tighten security of the actual network ( 5 )by the honeypot.
(1)A. authenticating
B. Proofreading
C. checking
D. detecting
(2)A. Control Strategy
B. access permission
C. access policies
D. security strategy
(3)A. lPS
B.IDS
C. P2DR
D. P2DR2
(4)A. Botnet
B. Honeypots
C. Phishing
D. Demilitarized zone
(5)A. being destroyed
B. being attacked
C. being damaged
D. being protected
试题解析与讨论:
www.cnitpm.com/st/2914326590.html试题参考答案:A、C、A、B、D
试题
4: When reviewing procedures for emergency changes to programs, the IS auditor should verify that the procedures:
A、allow changes, which will be completed using after-the-fact follow-up.
B、allow undocumented changes directly to the production library.
C、do not allow any emergency changes.
D、allow programmers permanent access to production programs.
试题解析与讨论:
www.cnitpm.com/st/296681897.html试题参考答案:A
试题
5: Which of the following is the BEST audit procedure to determine if a firewall is configured in compliance with an organization's security policy?
A、Review the parameter settings.
B、Interview the firewall administrator.
C、Review the actual procedures.
D、Review the device's log file for recent attacks.
试题解析与讨论:
www.cnitpm.com/st/293057369.html试题参考答案:A
试题
6: A company has contracted with an external consulting firm to implement a commercial financial system to replace its existing system developed in-house. In reviewing the proposed development approach, which of the following would be of GREATEST concern?
A、Acceptance testing is to be managed by users.
B、A quality plan is not part of the contracted deliverables.
C、Not all business functions will be available on initial implementation.
D、Prototyping is being used to confirm that the system meets business requirements.
试题解析与讨论:
www.cnitpm.com/st/2961815496.html试题参考答案:B
试题
7:
以下哪个属性不会出现在防火墙的访问控制策略配置中?()
A.本局域网内地址
B.百度服务器地址
C.HTTP 协议
D.病毒类型
试题解析与讨论:
www.cnitpm.com/st/2576022608.html试题参考答案:D
试题
8:
业务系统运行中异常错误处理合理的方法是:()
A.让系统自己处理异常
B.调试方便,应该让更多的错误更详细的显示出来
C.捕获错误,并抛出前台显示
D.捕获错误,只显示简单的提示信息,或不显示任何信息
试题解析与讨论:
www.cnitpm.com/st/2755825298.html试题参考答案:D
试题
9: Which of the following is the GREATEST risk of an inadequate policy definition for ownership of data and systems?
A、User management coordination does not exist.
B、Specific user accountability cannot be established.
C、Unauthorized users may have access to originate, modify or delete data.
D、Audit recommendations may not be implemented.
试题解析与讨论:
www.cnitpm.com/st/295898457.html试题参考答案:C
试题
10:
包过滤技术防火墙在过滤数据包时,一般不关心()
A、数据包的源地址
B、数据包的协议类型
C、数据包的目的地址
D、数据包的内容
试题解析与讨论:
www.cnitpm.com/st/285063318.html试题参考答案:D