分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2021/5/1)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2021/5/1
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2021/5/1)
试题1: 以下关于网络欺骗的描述中,不正确的是( )。A. Web欺骗是一种社会工程攻击
B.DNS欺骗通过入侵网站服务器实现对网站内容的篡改
C.邮件欺骗可以远程登录邮件服务器的端口 25
D.采用双向绑定的方法可以有效阻止ARP欺骗
试题解析与讨论:www.cnitpm.com/st/411382082.html
试题参考答案:B
试题2: Linux系统的运行日志存储的目录是( )。
A./var/log
B./usr/log
C./etc/log
D./tmp/log
试题解析与讨论:www.cnitpm.com/st/3894728881.html
试题参考答案:A
试题3: 攻击者通过对目标主机进行端口扫描,可以直接获得()。
A.目标主机的口令
B.给目标主机种植木马
C.目标主机使用了什么操作系统
D.目标主机开放了那些端口服务
试题解析与讨论:www.cnitpm.com/st/3270814559.html
试题参考答案:D
试题4:
某单位在实施信息安全风险评估后,形成了若干文挡,下面()中的文挡不应属于风险评估中“风险评估准备”阶段输出的文档。()
A.《风险评估工作计划》,主要包括本次风险评估的目的、意义、范围、目标、组织结构、角色及职责、经费预算和进度安排等内容
B.《风险评估方法和工具列表》。主要包括拟用的风险评估方法和测试评估工具等内容
C.《已有安全措施列表》,主要包括经检查确认后的已有技术和管理各方面安全措施等内容
D.《风险评估准则要求》,主要包括风险评估参考标准、采用的风险分析方法、风险计算方法、资产分类标准、资产分类准则等内容
试题参考答案:C
试题5:
所有进入物理安全区域的人员都需经过()
A.考核
B.授权
C.批准
D.认可
试题参考答案:B
试题6:
以下哪些不属于敏感性标识()
A.不干贴方式
B.印章方式
C.电子标签
D.个人签名
试题参考答案:D
试题7:
以下关于信息安全工程说法正确的是:()
A.信息化建设中系统功能的实现是最重要的
B.信息化建设可以先实施系统,而后对系统进行安全加固
C.信息化建设中在规划阶段合理规划信息安全,在建设阶段要同步实施信息安全建设
D.信息化建设没有必要涉及信息安全建设
试题参考答案:
试题8: The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of (71 )and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
(71)
A.plaintext
B.ciphertext
C.data
D.hash
(72)
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
(73)
A.of
B.for
C.with
D.in
(74)
A.hash
B.stream
C.ciphertext
D.plaintext
(75)
A.collisons
B.image
C.preimage
D.solution
试题解析与讨论:www.cnitpm.com/st/4115223167.html
试题参考答案:A、D、C、B、C
试题9: 基于公开密钥的数字签名算法对消息进行签名和验证时,正确的签名和验证方式是( )。
A.发送方用自己的公开密钥签名,接收方用发送方的公开密钥验证
B.发送方用自己的私有密钥签名,接收方用自己的私有密钥验证
C.发送方用接收方的公开密钥签名,接收方用自己的私有密钥验证
D.发送方用自己的私有密钥签名,接收方用发送方的公开密钥验证
试题解析与讨论:www.cnitpm.com/st/4115119792.html
试题参考答案:D
试题10: WPKI(无线公开密钥体系)是基于无网络环境的一套遵循既定标准的密钥及证书管理平台,该平台采用的加密算法是( )。
A.SM4
B.优化的RSA加密算法
C.SM9
D.优化的椭圆曲线加密算法
试题解析与讨论:www.cnitpm.com/st/3897110044.html
试题参考答案:D
扫码关注公众号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,官方教材参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
相关内容
| 发表评论 查看完整评论 | |
考试新手指南
学习计划攻略
精华备考资料
案例论文干货
章节模拟试题
免费试听课程
考试信息推送