信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2021/8/17）在線測試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2021/8/17

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2021/8/17）

試題1：

掃描技術(shù)（）
A、只能作為攻擊工具
B、只能作為防御工具
C、只能作為檢查系統(tǒng)漏洞的工具
D、既可以作為攻擊工具，也可以作為防御工具

試題解析與討論：m.xiexiliangjiufa.com/st/2850528262.html
試題參考答案：D

試題2： 下列攻擊中，不能導(dǎo)致網(wǎng)絡(luò)癱瘓的是（）
A.溢出攻擊
B.釣魚攻擊
C.郵件炸彈攻擊
D.拒絕服務(wù)攻擊
試題解析與討論：m.xiexiliangjiufa.com/st/326974758.html
試題參考答案：B

試題3： DSS數(shù)字簽名標(biāo)準(zhǔn)的核心是數(shù)字簽名算法DSA，該簽名算法中雜湊函數(shù)采用的是（）。
A. SHA1
B. MD5
C. MD4
D. SHA2
試題解析與討論：m.xiexiliangjiufa.com/st/3275324398.html
試題參考答案：A

試題4： 安全策略表達(dá)模型是一種對(duì)安全需求與安全策略的抽象概念模型，一般分為自主訪問控制模型和強(qiáng)制訪問控制模型。以下屬于自主訪問控制模型的是（）
A. BLP模型
B. HRU模型
C. BN模型
D.基于角色的訪問控制模型
試題解析與討論：m.xiexiliangjiufa.com/st/3272020263.html
試題參考答案：B

試題5： 以下關(guān)于認(rèn)證技術(shù)的描述中，錯(cuò)誤的是（）
A.基于生物特征認(rèn)證一般分為驗(yàn)證和識(shí)別兩個(gè)過程
B.身份認(rèn)證是用來對(duì)信息系統(tǒng)中實(shí)體的合法性進(jìn)行驗(yàn)證的方法
C.數(shù)字簽名的結(jié)果是十六進(jìn)制的字符串
D.消息認(rèn)證能夠確定接收方收到的消息是否被篡改過
試題解析與討論：m.xiexiliangjiufa.com/st/3273527510.html
試題參考答案：C

試題6： 惡意代碼是指為達(dá)到惡意目的而專門設(shè)計(jì)的程序或代碼。以下惡意代碼中，屬于腳本病毒的是 （  ）。
A. Worm. Sasser, f
B. Trojan. Huigezi. a
C. Harm. formatC. f
D. Script. Redlof
試題解析與討論：m.xiexiliangjiufa.com/st/4110512003.html
試題參考答案：D

試題7： WI-FI網(wǎng)絡(luò)安全接入是一種保護(hù)無線網(wǎng)絡(luò)安全的系統(tǒng),WPA加密的認(rèn)證方式不包括（  ）。
A.WPA和WPA2
B.WEP
C.WPA-PSK
D.WPA2-PSK
試題解析與討論：m.xiexiliangjiufa.com/st/389604283.html
試題參考答案：B

試題8：

以下選項(xiàng)中，不屬于生物識(shí)別方法的是（）
A、指紋識(shí)別
B、聲音識(shí)別
C、虹膜識(shí)別
D、個(gè)人標(biāo)記號(hào)識(shí)別

試題解析與討論：m.xiexiliangjiufa.com/st/284607440.html
試題參考答案：D

試題9： The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisons
B.image
C.preimage
D.solution
試題解析與討論：m.xiexiliangjiufa.com/st/4115223167.html
試題參考答案：A、D、C、B、C

試題10： （  ）是指采用一種或多種傳播手段，將大量主機(jī)感染bot程序，從而在控制者和被感染主機(jī)之間形成的一個(gè)可以一對(duì)多控制的網(wǎng)絡(luò)。
A.特洛伊木馬
B.僵尸網(wǎng)絡(luò)
C. ARP欺騙
D.網(wǎng)絡(luò)釣魚
試題解析與討論：m.xiexiliangjiufa.com/st/411025865.html
試題參考答案：B