信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2023/5/9)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2023/5/9
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2023/5/9)
试题1
移位密码的加密对象为英文字母,移位密码采用对明文消息的每一个英文字母向前推移固定key位的方式实现加密。设key=6,则明文“SEC”对应的密文为()查看答案
试题参考答案:A
试题解析与讨论:www.cnitpm.com/st/502396132.html
试题2
网络系统中针对海量数据的加密,通常不采用( )方式。查看答案
试题参考答案:B
试题3
文件加密就是将重要的文件以密文形式存储在媒介上,对文件进行加密是一种有效的数据加密存储技术。基于Windows系统的是( )。查看答案
试题参考答案:D
试题4
PKI是一种标准的公钥密码的密钥管理平台,数字证书是PKI的基本组成部分。在PKI中,X.509数字证书的内容不包括()。查看答案
试题参考答案:A
试题5
S/Key口令是一种一次性口令生产方案,它可以对抗()
A、恶意代码木马攻击
B、拒绝服务攻击
C、协议分析攻击
D、重放攻击
查看答案
试题参考答案:D
试题6
信息通过网络进行传输的过程中,存在着被篡改的风险,为了解决这一安全问题,通常采用的安全防护技术是()
A、加密技术
B、匿名技术
C、消息认证技术
D、数据备份技术
查看答案
试题参考答案:C
试题7
等级保护2.0对于应用和数据安全,特别增加了个人信息保护的要求。以下关于个人信息保护的描述中,错误的是()。查看答案
试题参考答案:C
试题8
计算机系统的安全级别分为四级:D、C(C1、C2)、B(B1、B2、B3)和A。其中被称为选择保护级的是()查看答案
试题参考答案:A
试题9
(1)is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party. the goal of steganography is to hide the data from a third party. In this article, I will discuss what steganography is, what purposes it serves, and will provide an example using available software.
There are a large number of steganographic (2)that most of us are familiar with (especially if you watch a lot of spy movies), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. With computers and networks, there are many other ways of hiding informations, such as:
Covert channels (c,g, Loki and some distributed denial-of-service tools use the Internet Control (3)Protocol, or ICMP, as the communication channel between the “bad guy”and a compromicyed system)
Hidden text within Web pages
Hiding files in “plain sight”(c,g. what better place to “hide”a file than with an important sounding name in the c:\winnt system32 directory)
Null ciphers(c,g, using the first letter of each word to form a hidden message in an otherwise innocuous text)
steganography today, however, is significantly more (4)than the example about suggest, allowing a user to hide large amounts of information within image and audio. These forms of steganography often are used in conjunction with cryptography so the information is double protected; first it is encrypted and then hidden so that an advertisement first. find the information ( an often difficult task in and of itself) and the decrypted it.
The simplest approach to hiding data within an image file is called (5)signature insertion. In this method, we can take the binary representation of the hidden data and the bit of each byte within the covert image. If we are using 24-bit color the amount and will be minimum and indiscriminate to the human eye.
(1)A、Cryptography
B、Geography
C、Stenography
D、Steganography
(2)A、methods
B、software
C、tools
D、services
(3)A、Member
B、Management
C、Message
D、Mail
(4)A、powerful
B、sophistication
C、advanced
D、easy
(5)A、least
B、most
C、much
D、less
查看答案
试题参考答案:D、A、C、B、A
试题10
Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the sytems and applications that depend on it can( )be considered secure.An often cited articulation of this principle is:" a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.查看答案
试题参考答案:D、C、A、B、A
试题解析与讨论:www.cnitpm.com/st/389944612.html
信管网订阅号
信管网视频号
信管网抖音号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,教材和资料参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
发表评论 查看完整评论 | |