国产系列在线,欧美日韩69

當(dāng)前位置：信管網(wǎng) >> 信息安全工程師 >> 每日一練 >> 文章內(nèi)容

信息安全工程師每日一練試題（2022/10/11）

來(lái)源：信管網(wǎng) 2022年10月12日【所有評(píng)論】

信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2022/10/11）在線(xiàn)測(cè)試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2022/10/11

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2022/10/11）

試題1

在DES加密算法中，密鑰長(zhǎng)度和被加密的分組長(zhǎng)度分別是（）
A、56位和64位
B、56位和56位
C、64位和64位
D、64位和56位
查看答案
試題參考答案：A
試題解析與討論：m.xiexiliangjiufa.com/st/2847821534.html
試題2
在缺省安裝數(shù)據(jù)庫(kù)管理系統(tǒng)MySQL后，root用戶(hù)擁有所有權(quán)限且是空口令，為了安全起見(jiàn)，必須為root用戶(hù)設(shè)置口令，以下口令設(shè)置方法中，不正確的是（）。
A.使用MySQL自帶的命令mysqladmin設(shè)置root口令
B.使用setpassword設(shè)置口令
C.登錄數(shù)據(jù)庫(kù),修改數(shù)據(jù)庫(kù)mysql下user表的字段內(nèi)容設(shè)置口令
D.登錄數(shù)據(jù)庫(kù),修改數(shù)據(jù)庫(kù)mysql下的訪(fǎng)問(wèn)控制列表內(nèi)容設(shè)置口令
查看答案
試題參考答案：D
試題解析與討論：m.xiexiliangjiufa.com/st/389422880.html
試題3
等級(jí)保護(hù)2.0強(qiáng)化了對(duì)外部人員的管理要求，包括外部人員的訪(fǎng)問(wèn)權(quán)限、保密協(xié)議的管理要求，以下表述中，錯(cuò)誤的是（）。
A.應(yīng)確保在外部人員接入網(wǎng)絡(luò)訪(fǎng)問(wèn)系統(tǒng)前先提出書(shū)面申請(qǐng)，批準(zhǔn)后由專(zhuān)人開(kāi)設(shè)賬號(hào)、分配權(quán)限,并登記備案
B.外部人員離場(chǎng)后應(yīng)及時(shí)清除其所有的訪(fǎng)問(wèn)權(quán)限
C.獲得系統(tǒng)訪(fǎng)問(wèn)授權(quán)的外部人員應(yīng)簽署保密協(xié)議，不得進(jìn)行非授權(quán)操作，不得復(fù)制和泄露任何敏感信息
D.獲得系統(tǒng)訪(fǎng)問(wèn)授權(quán)的外部人員，離場(chǎng)后可保留遠(yuǎn)程訪(fǎng)問(wèn)權(quán)限

查看答案
試題參考答案：D
試題解析與討論：m.xiexiliangjiufa.com/st/5023718231.html
試題4
文件完整性檢查的目的是發(fā)現(xiàn)受害系統(tǒng)中被篡改的文件或操作系統(tǒng)的內(nèi)核是否被替換，對(duì)于Linux系統(tǒng)，網(wǎng)絡(luò)管理員可使用( )命令直接把系統(tǒng)中的二進(jìn)制文件和原始發(fā)布介質(zhì)上對(duì)應(yīng)的文件進(jìn)行比較。
A．who
B．find
C．a(chǎn)rp
D．cmp
查看答案
試題參考答案：D
試題解析與討論：m.xiexiliangjiufa.com/st/522785103.html
試題5
為了保護(hù)個(gè)人信息安全，規(guī)范App的應(yīng)用，國(guó)家有關(guān)部門(mén)已發(fā)布了《信息安全技術(shù) 移動(dòng)互聯(lián)網(wǎng)應(yīng)用程序（App）收集個(gè)人信息基本規(guī)范（草案）》，其中，針對(duì)Android 6.0及以上可收集個(gè)人信息的權(quán)限，給出了服務(wù)類(lèi)型的最小必要權(quán)限參考范圍。根據(jù)該規(guī)范，具有位置權(quán)限的服務(wù)類(lèi)型包括( )
A．網(wǎng)絡(luò)支付、金融借貸
B．網(wǎng)上購(gòu)物、即時(shí)通信
C．餐飲外賣(mài)、運(yùn)動(dòng)健身
D．問(wèn)診掛號(hào)、求職招聘
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/st/5227510992.html
試題6
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisions
B.image
C.preimage
D.solution
查看答案
試題參考答案：A、D、C、B、A
試題解析與討論：m.xiexiliangjiufa.com/st/4115223167.html
試題7
Trust is typically interpreted as a subjective belief in the reliability， honesty and security of an entity on which we depend （）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted（）fails , then the sytems and applications that depend on it can（）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.
Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost, so that having complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
（71）A.with
B. on
C. of
D. for
（72）A.entity
B.person
C.component
D.thing
（73）A. No longer
B. never
C. always
D.often
（74）A. SP
B. IdM
C.Internet
D.entity
（75）A.trust
B.cost
C.IdM
D. solution
查看答案
試題參考答案：D、C、A、B、A
試題解析與討論：m.xiexiliangjiufa.com/st/389944612.html
試題8
如果對(duì)一個(gè)密碼體制的破譯依賴(lài)于對(duì)某一個(gè)經(jīng)過(guò)深入研究的數(shù)學(xué)難題的解決，就認(rèn)為相應(yīng)的密碼體制是（）的。
A.計(jì)算安全
B.可證明安全
C.無(wú)條件安全
D.絕對(duì)安全
查看答案
試題參考答案：B
試題解析與討論：m.xiexiliangjiufa.com/st/411494857.html
試題9
《中華人民共和國(guó)密碼法》由中華人民共和國(guó)第十三屆全國(guó)人民代表大會(huì)常務(wù)委員會(huì)第十四次會(huì)議于2019年10月26日通過(guò)，已于2020年1月1日起施行?！吨腥A人民共和國(guó)密碼法》規(guī)定國(guó)家對(duì)密碼實(shí)分類(lèi)管理，密碼分為（）。
A．核心密碼、普通密碼和商用密碼
B．對(duì)稱(chēng)密碼、公鑰密碼和哈希算法
C．國(guó)際密碼、國(guó)產(chǎn)密碼和商用密碼
D．普通密碼，涉密密碼和商用密碼
查看答案
試題參考答案：A
試題解析與討論：m.xiexiliangjiufa.com/st/5222815111.html
試題10
網(wǎng)絡(luò)流量數(shù)據(jù)挖掘分析是對(duì)采集到的網(wǎng)絡(luò)流量數(shù)據(jù)進(jìn)行挖掘，提取網(wǎng)絡(luò)流量信息，形成網(wǎng)絡(luò)審計(jì)記錄。網(wǎng)絡(luò)流量數(shù)據(jù)挖掘分析主要包括：郵件收發(fā)協(xié)議審計(jì)、網(wǎng)頁(yè)瀏覽審計(jì)、文件共享審計(jì)、文件傳輸審計(jì)、遠(yuǎn)程訪(fǎng)問(wèn)審計(jì)等。其中文件傳輸審計(jì)主要針對(duì)（）協(xié)議。
A．SMTP
B．FTP
C．Telnet
D．HTTP
查看答案
試題參考答案：B
試題解析與討論：m.xiexiliangjiufa.com/st/5226824423.html

掃碼關(guān)注公眾號(hào)

溫馨提示：因考試政策、內(nèi)容不斷變化與調(diào)整，信管網(wǎng)網(wǎng)站提供的以上信息僅供參考，如有異議，請(qǐng)以權(quán)威部門(mén)公布的內(nèi)容為準(zhǔn)！

信管網(wǎng)致力于為廣大信管從業(yè)人員、愛(ài)好者、大學(xué)生提供專(zhuān)業(yè)、高質(zhì)量的課程和服務(wù)，解決其考試證書(shū)、技能提升和就業(yè)的需求。

信管網(wǎng)軟考課程由信管網(wǎng)依托10年專(zhuān)業(yè)軟考教研傾力打造，官方教材參編作者和資深講師坐鎮(zhèn)，通過(guò)深研歷年考試出題規(guī)律與考試大綱，深挖核心知識(shí)與高頻考點(diǎn)，為學(xué)員考試保駕護(hù)航。面授、直播＆錄播，多種班型靈活學(xué)習(xí)，滿(mǎn)足不同學(xué)員考證需求，降低課程學(xué)習(xí)難度，使學(xué)習(xí)效果事半功倍。

上一篇：浙江2022年下半年軟考考前28天防疫

下一篇：信息安全工程師案例分析每日一練試題（2