信息安全工程师每日一练试题(2026/3/20)
分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2026/3/20)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2026/3/20
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2026/3/20)
试题1
AES算法必须满足的要求不正确的是( )
A.密码必须可以在世界范围内免费使用
B.密码必须是没有密级的
C.密码系统支持至少64比特长的分组
D.密码支持的密钥长度至少为128、192和256比特查看答案
试题参考答案:C
试题2
关于公钥证书描述不正确的是( )
A.公钥证书将实体和一个公钥绑定
B.公钥证书可以证实公钥的真实性
C.公钥证书由CA颁发
D.公钥证书不包含实体的身份信息查看答案
试题参考答案:D
试题3
近些年国密算法和标准体系受到越来越多的关注,基于国密算法的应用也得到了快速发展。以下国密算法中,属于分组密码算法的是( )。
A.SM2
B.SM3
C.SM4
D.SM9查看答案
试题参考答案:C
试题4
精于算计的攻击者在退出系统之前会在系统中制造一些后门,以方便自己下次入侵,攻击者设计后门时通常会考虑的方法不包括( )
A.放宽文件许可权
B.修改系统的配置
C.建立个人信道
D.安装嗅探器查看答案
试题参考答案:C
试题5
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of (71 )and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’ type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
(71)
A.plaintext
B.ciphertext
C.data
D.hash
(72)
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
(73)
A.of
B.for
C.with
D.in
(74)
A.hash
B.stream
C.ciphertext
D.plaintext
(75)
A.collisions
B.image
C.preimage
D.solution查看答案
试题参考答案:A、D、C、B、A
试题6
强制访问控制是指系统根据主体和客体的安全属性,以强制方式控制主体对客体的访问。以下描述正确的是( )
A.强制访问控制的访问机制更灵活
B.强制访问控制对用户的误操作无效
C.强制访问控制能适应高安全等级需求,常用于军事领域
D.强制访问控制的实施依赖于用户的安全意识和技能查看答案
试题参考答案:C
试题7
宏病毒和脚本恶意代码通常使用( )技术来实现变形。
A.指令替换
B.重编译
C.指令扩展
D.伪指令查看答案
试题参考答案:B
试题8
PDRR模型是Protection、Detection、Recovery、Response。其中响应(Response)的主要内容不包括( )
A.防火墙技术
B.应急策略
C.应急机制
D.入侵过程分析查看答案
试题参考答案:A
试题9
在云计算环境下,数据泄露的一个可能原因是( )
A.云服务提供商内部人员误操作
B.云服务API接口不安全
C.数据的实际存储位置可能在境外
D.虚拟机镜像存在安全漏洞查看答案
试题参考答案:C
试题10
数字水印技术通过在多媒体数据中嵌入隐蔽的水印标记,可以有效实现对数字多媒体数据的版权保护等功能。以下不属于数字水印在数字版权保护中必须满足的基本应用需求的是( )。
A.保密性
B.隐蔽性
C.可见性
D.完整性查看答案
试题参考答案:C
信管网订阅号
信管网视频号
信管网抖音号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,教材和资料参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
| 发表评论 查看完整评论 | |
推荐文章
各省市软考报名简章
信管网APP下载
考试信息推送