信息安全工程師當天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2022/1/13）在線測試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2022/1/13

點擊查看：更多信息安全工程師習題與指導

信息安全工程師每日一練試題內(nèi)容（2022/1/13）

試題1：

以下關(guān)于安全套接層協(xié)議（SSL）的敘述中，錯誤的是（）
A、是一種應用層安全協(xié)議
B、為TCP/IP連接提供數(shù)據(jù)加密
C、為TCP/IP連接提供服務器認證
D、提供數(shù)據(jù)安全機制

試題解析與討論：m.xiexiliangjiufa.com/st/284953163.html
試題參考答案：A

試題2： 包過濾技術(shù)防火墻在過濾數(shù)據(jù)包時，一般不關(guān)心（）
A.數(shù)據(jù)包的原地址
B.數(shù)據(jù)包的目的地址
C.數(shù)據(jù)包的協(xié)議類型
D.數(shù)據(jù)包的內(nèi)容
試題解析與討論：m.xiexiliangjiufa.com/st/327384549.html
試題參考答案：D

試題3： 面向數(shù)據(jù)挖掘的隱私保護技術(shù)主要解高層應用中的隱私保護問題，致力于研究如何根據(jù)不同數(shù)據(jù)挖掘操作的特征來實現(xiàn)對隱私的保護，從數(shù)據(jù)挖的角度,不屬于隱私保護技術(shù)的是（  ）。
A.基于數(shù)據(jù)分析的隱私保護技術(shù)
B.基于微據(jù)失真的隱私保護技術(shù)
C.基于數(shù)據(jù)匿名化的隱私保護技術(shù)
D.基于數(shù)據(jù)加密的隱私保護技術(shù)
試題解析與討論：m.xiexiliangjiufa.com/st/3893114145.html
試題參考答案：A

試題4：

Kerberos是一種常用的身份認證協(xié)議，它采用的加密算法是（）
A、Elgamal
B、DES
C、MD5
D、RSA

試題解析與討論：m.xiexiliangjiufa.com/st/2847116804.html
試題參考答案：B

試題5：

利用公開密鑰算法進行數(shù)據(jù)加密時，采用的方法是（）
A、發(fā)送方用公開密鑰加密，接收方用公開密鑰解密
B、發(fā)送方用私有密鑰加密，接收方用私有密鑰解密
C、發(fā)送方用公開密鑰加密，接收方用私有密鑰解密
D、發(fā)送方用私有密鑰加密，接收方用公開密鑰解密

試題解析與討論：m.xiexiliangjiufa.com/st/2847616861.html
試題參考答案：C

試題6： The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisions
B.image
C.preimage
D.solution
試題解析與討論：m.xiexiliangjiufa.com/st/4115223167.html
試題參考答案：A、D、C、B、A

試題7： 操作系統(tǒng)的安全審計是指對系統(tǒng)中有關(guān)安全的活動進行記錄、檢查和審核的過程，為了完成審計功能，審計系統(tǒng)需要包括（  ）三大功能模塊。
A.審計數(shù)據(jù)挖掘,審計事件記錄及查詢、審計事件分析及響應報警
B.審計事件特征提取、審計事件特征匹配、安全響應報警
C.審計事件收集及過濾、審計事件記錄及查詢,審計事件分析及響應報警系統(tǒng)
D.日志采集與挖掘、安全事件記錄及查詢、安全響應報警
試題解析與討論：m.xiexiliangjiufa.com/st/3896821058.html
試題參考答案：C

試題8：

以下關(guān)于IPSec協(xié)議的敘述中，正確的是（）
A、IPSec協(xié)議是解決IP協(xié)議安全問題的一種方案
B、IPSec協(xié)議不能提供完整性
C、IPSec協(xié)議不能提供機密性保護
D、IPSec協(xié)議不能提供認證功能

試題解析與討論：m.xiexiliangjiufa.com/st/2849818821.html
試題參考答案：A

試題9： 密碼分析的目的是（）
A.發(fā)現(xiàn)加密算法
B.發(fā)現(xiàn)密鑰或者密文對應的明文
C.發(fā)現(xiàn)解密算法
D.發(fā)現(xiàn)攻擊者
試題解析與討論：m.xiexiliangjiufa.com/st/3273915034.html
試題參考答案：B

試題10： 當防火墻在網(wǎng)絡層實現(xiàn)信息過濾與控制時,主要針對TCP/IP協(xié)議中的數(shù)據(jù)包頭制定規(guī)則匹配條件并實施過濾,該規(guī)則的匹配條件不包括（  ）。
A.IP源地址
B.源端口
C.IP目的地址
D.協(xié)議
試題解析與討論：m.xiexiliangjiufa.com/st/3898620950.html
試題參考答案：B