信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6
往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html
信息安全工程师每日一练试题(2020/10/21)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/10/21
点击查看:更多信息安全工程师习题与指导
信息安全工程师每日一练试题内容(2020/10/21)
试题
1:
常见密码系统包含的元素是:()
A.明文,密文,信道,加密算法,解密算法
B.明文,摘要,信道,加密算法,解密算法
C.明文,密文,密钥,加密算法,解密算法
D.消息,密文,信道,加密算法,解密算法
试题解析与讨论:
www.cnitpm.com/st/2689318961.html试题参考答案:C
试题
2: Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department?
A、Allocating resources
B、Keeping current with technology advances
C、Conducting control self-assessment
D、Evaluating hardware needs
试题解析与讨论:
www.cnitpm.com/st/2927321032.html试题参考答案:A
试题
3: Which of the following is a dynamic analysis tool for the purpose of testing software modules?
A、Black box test
B、Desk checking
C、Structured walkthrough
D、Design and code
试题解析与讨论:
www.cnitpm.com/st/293363783.html试题参考答案:A
试题
4: The activation of an enterprise's business continuity plan should be based on predetermined criteria that address the:
A、duration of the outage.
B、type of outage.
C、probability of the outage.
D、cause of the outage.
试题解析与讨论:
www.cnitpm.com/st/2930921041.html试题参考答案:A
试题
5: Which of the following audit techniques would BEST aid an auditor in determining whether there have been unauthorized program changes since the last authorized program update?
A、Test data run
B、Code review
C、Automated code comparison
D、Review of code migration procedures
试题解析与讨论:
www.cnitpm.com/st/295612358.html试题参考答案:C
试题
6:
下述选项中对于"风险管理"的描述正确的是:()
A.安全必须是完美无缺、面面俱到的。
B.最完备的信息安全策略就是最优的风险管理对策
C.在应对信息安全风险时,要从经济、技术、管理的可行性和有效性上做出权衡和取舍.
D.防范不足就会造成损失:防范过多就可以避免损失。
试题解析与讨论:
www.cnitpm.com/st/27348932.html试题参考答案:C
试题
7: An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker:
A、compromises the Wireless Application Protocol (WAP) gateway.
B、installs a sniffing program in front of the server.
C、steals a customer's PDA.
D、listens to the wireless transmission.
试题解析与讨论:
www.cnitpm.com/st/2949620302.html试题参考答案:A
试题
8:
灾难发生后,系统和数据必须恢复到的()
A、时间要求
B、时间点要求
C、数据状态
D、运行状态
试题解析与讨论:
www.cnitpm.com/st/2698710767.html试题参考答案:B
试题
9: What is the MOST effective method of preventing unauthorized use of data files?
A、Automated file entry
B、Tape librarian
C、Access control software
D、Locked library
试题解析与讨论:
www.cnitpm.com/st/2926218918.html试题参考答案:C
试题
10: Which of the following IT governance best practices improves strategic alignment?
A、Supplier and partner risks are managed.
B、A knowledge base on customers, products, markets and processes is in place.
C、A structure is provided that facilitates the creation and sharing of business information.
D、Top management mediate between the imperatives of business and technology.
试题解析与讨论:
www.cnitpm.com/st/297313734.html试题参考答案:D
导航
