信息安全工程师每日一练试题（2022/5/1）

2022年05月03日来源：信管网作者:cnitpm

信息安全工程师当天每日一练试题地址：www.cnitpm.com/exam/ExamDay.aspx?t1=6

往期信息安全工程师每日一练试题汇总：www.cnitpm.com/class/27/e6_1.html

信息安全工程师每日一练试题（2022/5/1）在线测试：www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2022/5/1

点击查看：更多信息安全工程师习题与指导

信息安全工程师每日一练试题内容（2022/5/1）

试题1
IP地址分为全球地址和专用地址,以下属于专用地址的是（）。
A.192.172.1.2
B. 10.1.2.3
C.168.1.2.3
D.172.168.1.2
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/3896521323.html
试题2
目前网络安全形势日趋复杂，攻击手段和攻击工具层出不穷，攻击工具日益先进, 攻击者需要的技能日趋下降。以下关于网络攻防的描述中，不正确的是（）。
A.嗅探器Sniffer工作的前提是网络必须是共享以太网
B.加密技术可以有效抵御各类系统攻击
C.APT的全称是高级持续性威胁
D.同步包风暴(SYN Flooding)的攻击来源无法定位
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/411479305.html
试题3
容灾的目的和实质是（）
A.实现对系统数据的备份
B.提升用户的安全预期
C.保持对信息系统的业务持续性
D.信息系统的必要补充
查看答案
试题参考答案：C
试题解析与讨论：www.cnitpm.com/st/3271523601.html
试题4
ISO制定的安全体系结构描述了5种安全服务，以下不属于这5种安全服务的是（）
A.鉴别服务
B.数据报过滤
C.访问控制
D.数据完整性
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/3270424021.html
试题5

Kerberos是一种常用的身份认证协议，它采用的加密算法是（）
A、Elgamal
B、DES
C、MD5
D、RSA
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/2847116804.html
试题6
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisions
B.image
C.preimage
D.solution
查看答案
试题参考答案：A、D、C、B、A
试题解析与讨论：www.cnitpm.com/st/4115223167.html
试题7
攻击者通过对目标主机进行端口扫描可以直接获得（）。
A.目标主机的操作系统信息
B.目标主机开放端口服务信息
C.目标主机的登录口令
D.目标主机的硬件设备信息
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/3897019734.html
试题8
PKI中撤销证书是通过维护一个证书撤销列表CRL来实现的。以下不会导致证书被撤销的是（）。
A.密钥泄漏
B.系统升级
C.证书到期
D.从属变更
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/4114120079.html
试题9
如果对一个密码体制的破译依赖于对某一个经过深入研究的数学难题的解决，就认为相应的密码体制是（）的。
A.计算安全
B.可证明安全
C.无条件安全
D.绝对安全
查看答案
试题参考答案：B
试题解析与讨论：www.cnitpm.com/st/411494857.html
试题10
研究密码破译的科学称为密码分析学。密码分析学中，根据密码分析者可利用的数据资源，可将攻击密码的类型分为四种，其中适于攻击公开密钥密码体制，特别是攻击其数字签名的是（）。
A、仅知密文攻击
B、已知明文攻击
C、选择密文攻击
D、选择明文攻击
查看答案
试题参考答案：C
试题解析与讨论：www.cnitpm.com/st/410878655.html

温馨提示：因考试政策、内容不断变化与调整，信管网提供的以上信息仅供参考，如有异议，请考生以权威部门公布的内容为准！

分享至：