分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2020/6/11)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/6/11
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2020/6/11)
试题1: In what way is a common gateway interface (CGI) MOST often used on a web server?A、Consistent way for transferring data to the application program and back to the user
B、Computer graphics imaging method for movies and TV
C、Graphic user interface for web design
D、Interface to access the private gateway domain
试题解析与讨论:www.cnitpm.com/st/2939017838.html
试题参考答案:A
试题2: During the review of a web-based software development project, an IS auditor realizes that coding standards are not enforced and code reviews are rarely carried out. This will MOST likely increase the likelihood of a successful:
A、buffer overflow.
B、brute force attack.
C、distributed denial-of-service attack.
D、war dialing attack.
试题解析与讨论:www.cnitpm.com/st/2920117383.html
试题参考答案:A
试题3: When evaluating the controls of an EDI application, an IS auditor should PRIMARILY be concerned with the risk of:
A、excessive transaction turnaround time.
B、application interface failure.
C、improper transaction authorization.
D、nonvalidated batch totals.
试题解析与讨论:www.cnitpm.com/st/2950622030.html
试题参考答案:C
试题4: 以下关于公钥基础设施(PKI)的说法中,正确的是()
A. PKI可以解决公钥可信性问题
B. PKI不能解决公钥可信性问题
C. PKI只能有政府来建立
D.PKI不提供数字证书查询服务
试题解析与讨论:www.cnitpm.com/st/3274120315.html
试题参考答案:A
试题5:
以下哪一项不是IIS服务器支持的访问控制过滤类型?()
A、网络地址访问控制
B、web服务器许可
C、NTFS许可
D、异常行为过滤
试题参考答案:D
试题6: An IS auditor has been assigned to review IT structures and activities recently outsourced to various providers. Which of the following should the IS auditor determine FIRST ?
A、That an audit clause is present in all contracts
B、That the SLA of each contract is substantiated by appropriate KPIs
C、That the contractual warranties of the providers support the business needs of the organization
D、That at contract termination, support is guaranteed by each outsourcer for new outsourcers
试题解析与讨论:www.cnitpm.com/st/2975519032.html
试题参考答案:C
试题7:
传统密码学的理论基础是()
A、 数学
B、 物理学
C、 计算机学科
D、 力学
试题参考答案:A
试题8: Which of the following types of data validation editing checks is used to determine if a field contains data, and not zeros or blanks?
A、Check digit
B、Existence check
C、Completeness check
D、Reasonableness check
试题解析与讨论:www.cnitpm.com/st/2976520772.html
试题参考答案:C
试题9:
下列关于信息系统生命周期中实施阶段所涉及主要安全需求描述错误的是:()
A.确保采购定制的设备、软件和其他系统组件满足已定义的安全要求
B.确保整个系统已按照领导要求进行了部署和配置
C.确保系统使用人员已具备使用系统安全功能和安全特性的能力
D.确保信息系统的使用已得到授权
试题参考答案:B
试题10: After reviewing its business processes, a large organization is deploying a new web application based on a VoIP technology. Which of the following is the MOST appropriate approach for implementing access control that will facilitate security management of the VoIP web application?
A、Fine-grained access control
B、Role-based access control (RBAC)
C、Access control lists
D、Network/service access control
试题解析与讨论:www.cnitpm.com/st/293467653.html
试题参考答案:B
扫码关注公众号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,官方教材参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
相关内容
| 发表评论 查看完整评论 | |
考试新手指南
学习计划攻略
精华备考资料
案例论文干货
章节模拟试题
免费试听课程
考试信息推送