信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2022/7/1)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2022/7/1
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2022/7/1)
试题1
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of (71 )and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.查看答案
试题参考答案:A、D、C、B、A
试题2
通用入侵检测框架模型(CIDF)由事件产生器、事件分析器、响应单元和事件数据库四个部分组成。其中向系统其他部分提供事件的是( )查看答案
试题参考答案:A
试题3
网络安全漏洞是网络安全管理工作的重要内容,网络信息系统的漏洞主要来自两个方面:非技术性安全漏洞和技术性安全漏洞。以下属于非技术性安全漏洞主要来源的是 ( )查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/st/522697983.html
试题4
入侵检测技术包括异常入侵检测和误用入侵检测。以下关于误用检测技术的描述中,正确的是( )。查看答案
试题参考答案:B
试题5
恶意代码是指为达到恶意目的而专门设计的程序或代码。以下恶意代码中,属于脚本病毒的是 ( )。查看答案
试题参考答案:D
试题6
SYN 扫描首先向目标主机发送连接请求,当目标主机返回响应后,立即切断连接过程, 并查看响应情况。果目标主机返回( ),表示目标主机的该端口开放。查看答案
试题参考答案:A
试题7
能有效控制内部网络和外部网络之间的访问及数据传输,从而达到保护内部网络的信息不受外部非授权用户的访问和对不良信息的过滤的安全技术是()查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/st/327375395.html
试题8
Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the sytems and applications that depend on it can( )be considered secure.An often cited articulation of this principle is:" a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.查看答案
试题参考答案:D、C、A、B、A
试题解析与讨论:www.cnitpm.com/st/389944612.html
试题9
以下对OSI(开放系统互联)参考模型中数据链路层的功能叙述中,描述最贴切是()
A、保证数据正确的顺序、无差错和完整
B、控制报文通过网络的路由选择
C、提供用户与网络的接口
D、处理信号通过介质的传输
查看答案
试题参考答案:A
试题10
IP地址欺骗的发生过程,下列顺序正确的是()。①确定要攻击的主机A;②发现和他有信任关系的主机B;③猜测序列号;④成功连接,留下后面;⑤将B利用某种方法攻击瘫痪。查看答案
试题参考答案:A
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,官方教材参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
发表评论 查看完整评论 | |