2022年10月12日来源:信管网 作者:cnitpm
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2022/10/11)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2022/10/11
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2022/10/11)
试题1
在DES加密算法中,密钥长度和被加密的分组长度分别是()
A、56位和64位
B、56位和56位
C、64位和64位
D、64位和56位
查看答案
试题参考答案:A
试题2
在缺省安装数据库管理系统MySQL后,root用户拥有所有权限且是空口令,为了安全起见,必须为root用户设置口令,以下口令设置方法中,不正确的是( )。查看答案
试题参考答案:D
试题解析与讨论:www.cnitpm.com/st/389422880.html
试题3
等级保护2.0强化了对外部人员的管理要求,包括外部人员的访问权限、保密协议的管理要求,以下表述中,错误的是()。查看答案
试题参考答案:D
试题4
文件完整性检查的目的是发现受害系统中被篡改的文件或操作系统的内核是否被替换,对于Linux系统,网络管理员可使用( )命令直接把系统中的二进制文件和原始发布介质上对应的文件进行比较。查看答案
试题参考答案:D
试题解析与讨论:www.cnitpm.com/st/522785103.html
试题5
为了保护个人信息安全,规范App的应用,国家有关部门已发布了《信息安全技术 移动互联网应用程序(App)收集个人信息基本规范(草案)》,其中,针对Android 6.0及以上可收集个人信息的权限,给出了服务类型的最小必要权限参考范围。根据该规范,具有位置权限的服务类型包括( )查看答案
试题参考答案:C
试题6
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of (71 )and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.查看答案
试题参考答案:A、D、C、B、A
试题7
Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the sytems and applications that depend on it can( )be considered secure.An often cited articulation of this principle is:" a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.查看答案
试题参考答案:D、C、A、B、A
试题解析与讨论:www.cnitpm.com/st/389944612.html
试题8
如果对一个密码体制的破译依赖于对某一个经过深入研究的数学难题的解决,就认为相应的密码体制是( )的。查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/st/411494857.html
试题9
《中华人民共和国密码法》由中华人民共和国第十三届全国人民代表大会常务委员会第十四次会议于2019年10月26日通过,已于2020年1月1日起施行。《中华人民共和国密码法》规定国家对密码实分类管理,密码分为( )。查看答案
试题参考答案:A
试题10
网络流量数据挖掘分析是对采集到的网络流量数据进行挖掘,提取网络流量信息,形成网络审计记录。网络流量数据挖掘分析主要包括:邮件收发协议审计、网页浏览审计、文件共享审计、文件传输审计、远程访问审计等。其中文件传输审计主要针对( )协议。查看答案
试题参考答案:B
温馨提示:因考试政策、内容不断变化与调整,信管网提供的以上信息仅供参考,如有异议,请考生以权威部门公布的内容为准!
相关推荐