分享到微信
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2020/6/12)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/6/12
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2020/6/12)
试题1: An IS auditor invited to a development project meeting notes that no project risks have been documented. When the IS auditor raises this issue, the project manager responds that it is too early to identify risks and that, if risks do start impacting the project, a risk manager will be hired. The appropriate response of the IS auditor would be to:A、stress the importance of spending time at this point in the project to consider and document risks, and to develop contingency plans.
B、accept the project manager's position as the project manager is accountable for the outcome of the project.
C、offer to work with the risk manager when one is appointed.
D、inform the project manager that the IS auditor will conduct a review of the risks at the completion of the requirements definition phase of the project.
试题解析与讨论:www.cnitpm.com/st/292658997.html
试题参考答案:A
试题2:
当访问web网站的某个资源时,请求无法被服务器理解将会出现的HTTP状态码是( )
A、 200
B、 401
C、 302
D、 303
试题参考答案:B
试题3:
下列哪个是蠕虫的特性?()
A.不感染、依附性
B.不感染、独立性
C.可感染、依附性
D.可感染、独立性
试题参考答案:D
试题4:
某公司开发了一个游戏网站,但是由于网站软件存在漏洞,在网络中传输大数据包时总是会丢失一些数据,如一次性传输大于2000 个字节数据时,总是会有3 到5 个字节不能传送到对方,关于此案例,可以推断的是()
A 该网站软件存在 保密性方面安全问题
B 该网站软件存在完整性方面安全问题
C 该网站软件存在 可用性方面安全问题
D 该 网站软件存在 不可否认性方面安全问题
试题参考答案:B
试题5: What is the MOST prevalent security risk when an organization implements remote virtual private network (VPN) access to its network?
A、Malicious code could be spread across the network
B、VPN logon could be spoofed
C、Traffic could be sniffed and decrypted
D、VPN gateway could be compromised
试题解析与讨论:www.cnitpm.com/st/293084515.html
试题参考答案:A
试题6: An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated?
A、Consistency
B、Isolation
C、Durability
D、Atomicity
试题解析与讨论:www.cnitpm.com/st/2962312917.html
试题参考答案:D
试题7:
CA的核心职责是()
A.签发和管理证书
B.审核用户真实信息
C.发布黑名单
D.建立实体链路安全
试题参考答案:A
试题8: Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits vulnerability in a protocol?
A、Install the vendor's security fix for the vulnerability.
B、Block the protocol traffic in the perimeter firewall.
C、Block the protocol traffic between internal network segments.
D、Stop the service until an appropriate security fix is installed.
试题解析与讨论:www.cnitpm.com/st/2962223504.html
试题参考答案:D
试题9:
以下不属于网络安全控制技术的是()
A、防火墙技术
B、访问控制
C、入侵检测技术
D、差错控制
试题参考答案:D
试题10:
信息安全管理体系(information SecurltyManagement System.ISMS)的内部审核和管理审核是两项重要的管理活动,关于这两者,下面描述错误的是()
A、内部审核和管理评审都很重要,都是促进ISMS持续改进的重要动力,也都应当按照一定的周期实施
B、内部审核的实施方式多采用文件审核和现场审核的形式,而管理评审的实施方式多采用召开管理评审会议的形式进行
C、内部审核的实施主体由组织内部的ISMS内审小组,而管理评审的实施主体是由国家政策指定的第三方技术服务机构
D、组织的信息安全方针,信息目标和有关ISMS文件等,在内部审核中作为审核准则使用,但在管理评审中,这些文件是被审对象
试题参考答案:C
扫码关注公众号
温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!
信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。
信管网软考课程由信管网依托10年专业软考教研倾力打造,官方教材参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。
相关内容
| 发表评论 查看完整评论 | |
考试新手指南
学习计划攻略
精华备考资料
案例论文干货
章节模拟试题
免费试听课程
考试信息推送