2023年09月12日来源:信管网 作者:cnitpm
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2023/9/11)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2023/9/11
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2023/9/11)
试题1
Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the sytems and applications that depend on it can( )be considered secure.An often cited articulation of this principle is:" a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.查看答案
试题参考答案:D、C、A、B、A
试题解析与讨论:www.cnitpm.com/st/389944612.html
试题2
网络安全管理是对网络系统中网管对象的风险进行控制。给操作系统打补丁属于( )方法。查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/st/522847715.html
试题3
深度流检测技术就是以流为基本研究对象,判断网络流是否异常的一种网络安全技术,其主要组成部分通常不包括()
A、流特征选择
B、流特征提供
C、分类器
D、响应
查看答案
试题参考答案:D
试题解析与讨论:www.cnitpm.com/st/284892858.html
试题4
包过滤是在IP层实现的防火墙技术,根据包的源IP地址、目的IP地址、源端口、目的端口及包传递方向等包头信息判新是否允许包通过。包过滤型防火墙扩展IP访问控制规则的格式如下:查看答案
试题参考答案:B
试题5
SM4是一种分组密码算法,其分组长度和密钥长度分别为()。查看答案
试题参考答案:B
试题6
( )攻击是指借助于客户机/服务器技术,将多个计算机联合起来作为攻击平台,对一个或多个目标发动DoS攻击,从而成倍地提高拒绝服务攻击的威力。查看答案
试题参考答案:B
试题7
以下关于认证技术的描述中,错误的是( )。查看答案
试题参考答案:C
试题8
当防火墙在网络层实现信息过滤与控制时,主要针对TCP/IP协议中的数据包头制定规则匹配条件并实施过滤,该规则的匹配条件不包括( )。查看答案
试题参考答案:B
试题9
在非安全的通信环境中,为了保证消息来源的可靠性,通常采用的安全防护技术是()查看答案
试题参考答案:C
试题10
能力成熟度模型(CMM)是对一个组织机构的能力进行成熟度评估的模型,成熟度级别一般分为五级:1级-非正式执行,2级-计划跟踪,3级-充分定义,4级-量化控制,5级-持续优化。在软件安全能力成熟度模型中,漏洞评估过程属于( )查看答案
试题参考答案:C
温馨提示:因考试政策、内容不断变化与调整,信管网提供的以上信息仅供参考,如有异议,请考生以权威部门公布的内容为准!
相关推荐