2023年10月29日来源:信管网 作者:cnitpm
信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2023/10/28)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2023/10/28
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2023/10/28)
试题1
Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the sytems and applications that depend on it can( )be considered secure.An often cited articulation of this principle is:" a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.查看答案
试题参考答案:D、C、A、B、A
试题解析与讨论:www.cnitpm.com/st/389944612.html
试题2
有线等效保密协议WEP是IEEE 802.11标准的一部分,其为了实现机密性采用的加密算法是()查看答案
试题参考答案:C
试题3
数字签名是对以数字形式储存的消息就行某种处理,产生一种类似于传统手书签名功效的消息处理过程,一个数字签名体制通常包括两个部分,()查看答案
试题参考答案:A
试题4
入侵取证是指通过特定的软件和工具,从计算机及网络系统中提取攻击证据。以下网络安全取证步骤正确的是( )。查看答案
试题参考答案:B
试题5
网络流量数据挖掘分析是对采集到的网络流量数据进行挖掘,提取网络流量信息,形成网络审计记录。网络流量数据挖掘分析主要包括:邮件收发协议审计、网页浏览审计、文件共享审计、文件传输审计、远程访问审计等。其中文件传输审计主要针对( )协议。查看答案
试题参考答案:B
试题6
SMTP是一种提供可靠有效的电子邮件传输的协议,采用客户服务器的工作方式,在传输层使用TCP协议进行传输。SMTP发送协议中,传送报文文本的指令是() 。查看答案
试题参考答案:D
试题7
P2DR模型是一种体现主动防御思想的网络安全模型,该模型中D表示( )。查看答案
试题参考答案:B
试题8
防火墙的安全规则由匹配条件和处理方式两部分组成。当网络流量与当前的规则匹配时,就必须采用规则中的处理方式进行处理。其中,拒绝数据包或信息通过,并且通 知信息源该信息被禁止的处理方式是( )。查看答案
试题参考答案:B
试题解析与讨论:www.cnitpm.com/st/411447532.html
试题9
从对信息的破坏性上看,网络攻击可以分为被动攻击和主动攻击,以下属于被动攻击的是( )。查看答案
试题参考答案:B
试题10
研究密码破译的科学称为密码分析学。密码分析学中,根据密码分析者可利用的数据资源,可将攻击密码的类型分为四种,其中适于攻击公开密钥密码体制,特别是攻击其数字签名的是 ( )。查看答案
试题参考答案:C
试题解析与讨论:www.cnitpm.com/st/410878655.html
温馨提示:因考试政策、内容不断变化与调整,信管网提供的以上信息仅供参考,如有异议,请考生以权威部门公布的内容为准!
相关推荐