分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2025/11/11)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2025/11/11)
试题1
操作系统的安全机制是指在操作系统中利用某种技术、某些软件来实施一个或多个安全服务的过程。操作系统的安全机制不包括( )。
A.标识与鉴别机制
B.访问控制机制
C.密钥管理机制
D.安全审计机制查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题2
Symmetric-key cryptosystems use the( ) key for encryption and decryption of a message,though a message or group of messages may have a different key than others. A significant disadvantage of symmetric ciphers is the key management necessary to use them securely.Each distinct pair of communicating parties must, ideally, share a different key, and perhaps each ciphertext exchanged as well. The number of keys required increases as the square of the number of network members,which very quickly requires complex key management schemes to keep them all straight and secret. The difficulty of securely establishing a secret( )between two communicating parties, when a secure channel doesn't already exist between them, also presents a chicken-and-egg problem which is a considerable practical obstacle for cryptography users in the real world.
Whitfield Difñie and Martin Hellman, authors of the first paper on public-key cryptography.
In a groundbreaking 1976 paper, Whitfield Diffie and Martin Hellman proposed the notion of public-key (also, more generally, called asymmetric key) cryptography in which two different but mathematically related keys are used-a public key and a private key. A public key system is so constructed that calculation of one key (the private key) is computationally infeasible( )the other (the public key), even though they are necessarily related. Instead, both keys are generated secretly, as an interrelated pair. The historian David Kahn described public-key cryptography as “the most revolutionary new concept in the field since poly-alphabetic substitution emerged in the Renaissance”.
In public-key cryptosystems,the( )key may be freely distributed,while its paired private key must remain secret. The public key is typically used for encryption, while the private or secret key is used for decryption. Diffie and Hellman showed that public-key cryptography was possible by presenting the Diffie-Hellman key exchange protocol.
In 1978, Ronald Rivest, Adi Shamir, and Len Adleman invented( ),another public-key system.
In 1997, it finally became publicly known that asymmetric key cryptography had been invented by James H. Ellis at GCHQ,a British intelligence organization, and that, in the early 1970s,both the Diffie-Hellman and RSA algorithms had been previously developed(by Malcolm J. Williamson and Clifford Cocks, respectively).
(1) A. different
B. same
C.public
D. private
(2)A. plaintext
B. stream
C.ciphertext
D.key
(3)A.from
B. in
C.to
D.of
(4)A.public
B.private
C.symmetric
D.asymmetric
(5) A.DES
B.AES
C.RSA
D.IDEA查看答案
试题参考答案:B、D、A、A、C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题3
以下关于BLP安全模型的表述中, 错误的是( )
A.BLP模型既有自主访问控制,又有强制访问控制
B.BLP模型是一个严格形式化的模型,并给出了形式化的证明
C.BLP模型控制信息只能由高向低流动
D.BLP是一种多级安全策略模型查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题4
能有效控制内部网络和外部网络之间的访问及数据传输,从而达到保护内部网络的信息不受外部非授权用户的访问和对不良信息的过滤的安全技术是( )
A.入侵检测
B.反病毒软件
C.防火墙
D.计算机取证查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题5
密码分析的目的是( )
A.发现加密算法
B.发现密钥或者密文对应的明文
C.发现解密算法
D.发现攻击者查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题6
核心密码保护信息的最高密级为( )
A.机密级
B.绝密级
C.秘密
D.国家秘密级查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题7
无线传感器网络WSN是由部署在监测区域内大量的廉价微型传感器节点组成,通过无线通信方式形成的一个多跳的自组织网络系统。以下针对WSN安全问题的描述中,错误的( )。
A.通过频率切换可以有效抵御WSN物理层的电子干扰攻击
B.WSN链路层容易受到拒绝服务攻击
C.分组密码算法不适合在WSN中使用
D.虫洞攻击是针对WSN路由层的一种网络攻击形式查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题8
( )攻击方式可能通过利用TCP/IP协议漏洞来实。
A.虚拟机逃逸
B.拒绝服务攻击
C.虚拟机镜像污染
D.跨站脚本攻击查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题9
以下( )不是识别逻辑炸弹攻击的有效方法?
A. 定期检查程序代码以发现不寻常的代码段
B. 监控系统文件和数据的异常变化
C. 使用防火墙阻止所有外部流量
D. 留意系统性能的异常下降查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
试题10
在进行移动应用App安全加固时,为了防止应用被反编译,以下哪种措施最为有效( )
A.加密网络通信
B.设置复杂密码
C.对应用文件进行加密和代码混淆
D.强化访问控制机制查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2025/11/11
信管网订阅号
信管网视频号
信管网抖音号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,教材和资料参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
相关内容
| 发表评论 查看完整评论 | |
考试新手指南
学习计划攻略
精华备考资料
案例论文干货
章节模拟试题
免费试听课程
考试信息推送