分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2025/10/20)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2025/10/20)
试题1
SSL协议是对称密码和公钥密码技术相结合的协议,该协议不能提供的安全服务是()
A.保密性
B.可用性
C.完整性
D.可认证性查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题2
PKI是一种标准的公钥密码密钥管理平台。在PKI中,认证中心CA是整个PKI体系中各方都承认的一个值得信赖的、公正的第三方机构。CA的功能不包括( )。
A.证书的颁发
B.证书的审批
C.证书的加密
D.证书的备份查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题3
PKI中撤销证书是通过维护一个证书撤销列表CRL来实现的。以下不会导致证书被撤销的是( )。
A.密钥泄漏
B.系统升级
C.证书到期
D.从属变更查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题4
Symmetric-key cryptosystems use the() key for encryption and decryption of a message,though a message or group of messages may have a different key than others. A significant disadvantage of symmetric ciphers is the key management necessary to use them securely.Each distinct pair of communicating parties must, ideally, share a different key, and perhaps each ciphertext exchanged as well. The number of keys required increases as the square of the number of network members,which very quickly requires complex key management schemes to keep them all straight and secret. The difficulty of securely establishing a secret()between two communicating parties, when a secure channel doesn't already exist between them, also presents a chicken-and-egg problem which is a considerable practical obstacle for cryptography users in the real world.
Whitfield Difñie and Martin Hellman, authors of the first paper on public-key cryptography.
In a groundbreaking 1976 paper, Whitfield Diffie and Martin Hellman proposed the notion of public-key (also, more generally, called asymmetric key) cryptography in which two different but mathematically related keys are used-a public key and a private key. A public key system is so constructed that calculation of one key (the private key) is computationally infeasible()the other (the public key), even though they are necessarily related. Instead, both keys are generated secretly, as an interrelated pair. The historian David Kahn described public-key cryptography as “the most revolutionary new concept in the field since poly-alphabetic substitution emerged in the Renaissance”.
In public-key cryptosystems,the()key may be freely distributed,while its paired private key must remain secret. The public key is typically used for encryption, while the private or secret key is used for decryption. Diffie and Hellman showed that public-key cryptography was possible by presenting the Diffie-Hellman key exchange protocol.
In 1978, Ronald Rivest, Adi Shamir, and Len Adleman invented(),another public-key system.
In 1997, it finally became publicly known that asymmetric key cryptography had been invented by James H. Ellis at GCHQ,a British intelligence organization, and that, in the early 1970s,both the Diffie-Hellman and RSA algorithms had been previously developed(by Malcolm J. Williamson and Clifford Cocks, respectively).
(1) A. different
B. same
C.public
D. private
(2)A. plaintext
B. stream
C.ciphertext
D.key
(3)A.from
B. in
C.to
D.of
(4)A.public
B.private
C.symmetric
D.asymmetric
(5) A.DES
B.AES
C.RSA
D.IDEA查看答案
试题参考答案:B、D、A、A、C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题5
访问控制机制是由一组安全机制构成,可以抽象为一个简单模型,以下不属于访问控制模型要素的是()。
A.主体
B.客体
C.审计库
D.协议查看答案
试题参考答案:D
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题6
典型的水印攻击方式包括:鲁棒性攻击、表达攻击、解释攻击和法律攻击.其中鲁棒性攻击是指在不损害图像使用价值的前提下减弱、移去或破坏水印的一类攻击方式.以下不属于鲁棒性攻击的是( )。
A.像素值失真攻击
B.敏感性分析攻击
C.置乱攻击
D.梯度下降攻击查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题7
特洛伊木马攻击的威胁类型属于()
A、授权侵犯威胁
B、渗入威胁
C、植入威胁
D、旁路控制威胁查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题8
Oracle数据库建立数据库保险库(DV)机制,该机制用于保护敏感数据,具有防止数据系统未授权变更、多因素可信授权、职麦隔高、最小化特权的功能。DV机制通过设置()对特权进行控制。
A.透明数据加密和数据屏蔽
B.多级认证和数据库管理员
C.强认证和网络认证
D.安全域和命令规则查看答案
试题参考答案:D
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题9
操作系统审计一般是对操作系统用户和系统服务进行记录,主要包括用户登录和注销、系统服务启动和关闭、安全事件等。Linux操作系统自带审计功能,其中日志文件wtmp是()。
A.当前用户登录日志
B.用户登录和退出日志
C.用户命令操作日志
D.最近登录日志查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
试题10
按照《计算机场地通用规范(GB/T2887-2011)》的规定,计算机机房分为四类:主要工作房间、第一类辅助房间、第二类辅助房间和第三类辅助房间。以下属于第一类辅助房间的是( )。
A.终端室
B.监控室
C.资料室
D.储藏室查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/10/20
信管网订阅号
信管网视频号
信管网抖音号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,教材和资料参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
相关内容
| 发表评论 查看完整评论 | |
考试新手指南
学习计划攻略
精华备考资料
案例论文干货
章节模拟试题
免费试听课程
考试信息推送