专业信息安全工程师网站|培训机构|服务商(2021信息安全工程师学习QQ群:327677606,客服QQ:800184589)

软题库 培训课程
当前位置:信管网 >> 信息安全工程师 >> 每日一练 >> 文章内容
信息安全工程师每日一练试题(2020/9/6)
来源:信管网 2020年09月07日 【所有评论 分享到微信

信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6

往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html

信息安全工程师每日一练试题(2020/9/6)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/9/6

点击查看:更多信息安全工程师习题与指导

信息安全工程师每日一练试题内容(2020/9/6)

试题1: 防火墙的部署不包括以下的()。
A、双宿主机防火墙
B、堡垒主机防火墙
C、屏蔽主机防火墙
D、屏蔽子网防火墙
试题解析与讨论:www.cnitpm.com/st/2149526936.html
试题参考答案:B

试题2: 下列哪一项是对访客访问数据中心最有效的控制?()
A、陪同访问者。
B、要求访问者佩戴证件。
C、访问者签字后进入。
D、操作人员对访问者进行抽查。
试题解析与讨论:www.cnitpm.com/st/3023915352.html
试题参考答案:A

试题3: 下列关于数字签名说法正确的是(  )。
A.数字签名不可信
B.数字签名不可改变
C.数字签名可以否认
D.数字签名易被伪造
试题解析与讨论:www.cnitpm.com/st/411153134.html
试题参考答案:B

试题4

信息系统安全主要从那几个方面进行评估?()
A、1个(技术)
B、2个(技术、管理)
C、3个(技术、管理、工程)
D、4个(技术、管理、工程、应用)

试题解析与讨论:www.cnitpm.com/st/269297551.html
试题参考答案:C

试题5: 如果一个SQL Server数据库维护人员,需要具有建立测试性的数据库的权限,那么应该指派给他哪个权限()?
A、Database  Creators
B、System  Administrators
C、Server  Administrators
D、Security   Adiministrators
试题解析与讨论:www.cnitpm.com/st/224559049.html
试题参考答案:A

试题6

以下选项中哪一项是对于信息安全风险采取的纠正机制()
A.访问控制
B.入侵检测
C.灾难恢复
D.防病毒系统

试题解析与讨论:www.cnitpm.com/st/2691110179.html
试题参考答案:C

试题7: An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should: 
A、conclude that the controls are inadequate. 
B、expand the scope to include substantive testing. 
C、place greater reliance on previous audits. 
D、suspend the audit. 
试题解析与讨论:www.cnitpm.com/st/2922323296.html
试题参考答案:B

试题8: To ensure authentication, confidentiality and integrity of a message, the sender should encrypt the hash of the message with the sender's: 
A、public key and then encrypt the message with the receiver's private key. 
B、private key and then encrypt the message with the receiver's public key. 
C、public key and then encrypt the message with the receiver's public key. 
D、private key and then encrypt the message with the receiver's private key. 
试题解析与讨论:www.cnitpm.com/st/2930222630.html
试题参考答案:B

试题9

(1)is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party. the goal of steganography is to hide the data from a third party. In this article, I will discuss what steganography is, what purposes it serves, and will provide an example using available software.
There are a large number of steganographic (2)that most of us are familiar with (especially if you watch a lot of spy movies), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. With computers and networks, there are many other ways of hiding informations, such as:
Covert channels (c,g, Loki and some distributed denial-of-service tools use the Internet Control (3)Protocol, or ICMP, as the communication channel between the “bad guy”and a compromicyed system)
Hidden text within Web pages
Hiding files in “plain sight”(c,g. what better place to “hide”a file than with an important sounding name in the c:\winnt system32 directory)
Null ciphers(c,g, using the first letter of each word to form a hidden message in an otherwise innocuous text)
steganography today, however, is significantly more (4)than the example about suggest, allowing a user to hide large amounts of information within image and audio. These forms of steganography often are used in conjunction with cryptography so the information is double protected; first it is encrypted and then hidden so that an advertisement first. find the information ( an often difficult task in and of itself) and the decrypted it.
The simplest approach to hiding data within an image file is called (5)signature insertion. In this method, we can take the binary representation of the hidden data and the bit of each byte within the covert image. If we are using 24-bit color the amount and will be minimum and indiscriminate to the human eye.
(1)A、Cryptography
B、Geography
C、Stenography
D、Steganography
(2)A、methods
B、software
C、tools
D、services
(3)A、Member
B、Management
C、Message
D、Mail
(4)A、powerful
B、sophistication
C、advanced
D、easy
(5)A、least
B、most
C、much
D、less

试题解析与讨论:www.cnitpm.com/st/2851420507.html
试题参考答案:D、A、C、B、A

试题10

信息安全风险的三要素是指:()
A.资产/威胁/脆弱性
B.资产/使命/威胁
C.使命/威胁/脆弱性
D.威胁/脆弱性/使命

试题解析与讨论:www.cnitpm.com/st/2710021912.html
试题参考答案:A

扫码关注公众号

温馨提示:因考试政策、内容不断变化与调整,信管网网站提供的以上信息仅供参考,如有异议,请以权威部门公布的内容为准!

信管网致力于为广大信管从业人员、爱好者、大学生提供专业、高质量的课程和服务,解决其考试证书、技能提升和就业的需求。

信管网软考课程由信管网依托10年专业软考教研倾力打造,官方教材参编作者和资深讲师坐镇,通过深研历年考试出题规律与考试大纲,深挖核心知识与高频考点,为学员考试保驾护航。面授、直播&录播,多种班型灵活学习,满足不同学员考证需求,降低课程学习难度,使学习效果事半功倍。

相关内容

发表评论  查看完整评论  

推荐文章