国产乱码精品一区二区,五月婷婷之综合激情

當(dāng)前位置：信管網(wǎng) >> 信息安全工程師 >> 每日一練 >> 文章內(nèi)容

信息安全工程師每日一練試題（2024/9/9）

來源：信管網(wǎng) 2024年09月10日【所有評(píng)論】

信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2024/9/9）在線測(cè)試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2024/9/9）

試題1
關(guān)于宏病毒的傳播機(jī)制，以下哪項(xiàng)描述是正確的？
A．宏病毒會(huì)自動(dòng)通過互聯(lián)網(wǎng)搜索并感染其他計(jì)算機(jī)
B．宏病毒在文件被關(guān)閉時(shí)自動(dòng)復(fù)制并感染其他文件
C．宏病毒的觸發(fā)需要用戶打開一個(gè)被感染的文件并允許宏程序執(zhí)行
D．宏病毒可以感染任何類型的文件，無論是否包含宏代碼
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題2
以下哪項(xiàng)屬于上下文因素（）
A．設(shè)備交互模式
B．應(yīng)用行為模式
C．設(shè)備和網(wǎng)絡(luò)模式
D．左/右手
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題3
自然安全威脅不包含（）
A．地震
B．火災(zāi)
C．爆炸
D．雷電
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題4
以下（）情況最可能構(gòu)成A6-安全配置錯(cuò)誤。
A．網(wǎng)站的登錄表單未對(duì)輸入進(jìn)行驗(yàn)證，導(dǎo)致XSS攻擊。
B．網(wǎng)站的服務(wù)器配置了詳細(xì)的錯(cuò)誤信息，暴露了數(shù)據(jù)庫(kù)查詢語(yǔ)句。
C．網(wǎng)站的數(shù)據(jù)庫(kù)使用了弱密碼，導(dǎo)致數(shù)據(jù)泄露。
D．網(wǎng)站的API未實(shí)施HTTPS，數(shù)據(jù)在傳輸過程中被截獲。
查看答案
試題參考答案：B
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題5
下圖中，（）的網(wǎng)絡(luò)流量數(shù)據(jù)可以被網(wǎng)絡(luò)流量采集設(shè)備獲取到。

A．服務(wù)器A
B．服務(wù)器B
C．服務(wù)器A和B都可以
D．服務(wù)器A和B都不可以
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題6
訪問控制機(jī)制由一組安全機(jī)制構(gòu)成，可以抽象為一個(gè)簡(jiǎn)單的模型，模型中1、2、3分別為（）

A．訪問控制數(shù)據(jù)庫(kù)、參考監(jiān)視器、審計(jì)庫(kù)
B．參考監(jiān)視器、訪問控制數(shù)據(jù)庫(kù)、審計(jì)庫(kù)
C．參考監(jiān)視器、審計(jì)庫(kù)、訪問控制數(shù)據(jù)庫(kù)
D．審計(jì)庫(kù)、參考監(jiān)視器、訪問控制數(shù)據(jù)庫(kù)
查看答案
試題參考答案：A
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題7
從網(wǎng)絡(luò)安全的角度看，以下原則中不屬于網(wǎng)絡(luò)安全防護(hù)體系在設(shè)計(jì)和實(shí)現(xiàn)時(shí)需要遵循的基本原則的是（）。
A.最小權(quán)限原則
B.縱深防御原則
C.安全性與代價(jià)平衡原則
D.Kerckhoffs原則
查看答案
試題參考答案：D
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題8
The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’ type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisions
B.image
C.preimage
D.solution
查看答案
試題參考答案：A、D、C、B、A
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題9
特權(quán)的分配原則是（）
A．按需使用原則
B．最大特權(quán)原則
C．管理員授權(quán)原則
D．誰(shuí)用誰(shuí)負(fù)責(zé)原則
查看答案
試題參考答案：A
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9
試題10
在Oracle數(shù)據(jù)庫(kù)系統(tǒng)中，為了提高數(shù)據(jù)傳輸?shù)陌踩?，防止?shù)據(jù)在傳輸過程中被竊聽或篡改，推薦使用（）加密機(jī)制。
A．IPsec
B．SSH
C．SSL/TLS
D．WEP
查看答案
試題參考答案：C
試題解析與討論：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2024/9/9

信管網(wǎng)訂閱號(hào)

信管網(wǎng)視頻號(hào)

信管網(wǎng)抖音號(hào)

溫馨提示：因考試政策、內(nèi)容不斷變化與調(diào)整，信管網(wǎng)網(wǎng)站提供的以上信息僅供參考，如有異議，請(qǐng)以權(quán)威部門公布的內(nèi)容為準(zhǔn)！

信管網(wǎng)致力于為廣大信管從業(yè)人員、愛好者、大學(xué)生提供專業(yè)、高質(zhì)量的課程和服務(wù)，解決其考試證書、技能提升和就業(yè)的需求。

信管網(wǎng)軟考課程由信管網(wǎng)依托10年專業(yè)軟考教研傾力打造，教材和資料參編作者和資深講師坐鎮(zhèn)，通過深研歷年考試出題規(guī)律與考試大綱，深挖核心知識(shí)與高頻考點(diǎn)，為學(xué)員考試保駕護(hù)航。面授、直播＆錄播，多種班型靈活學(xué)習(xí)，滿足不同學(xué)員考證需求，降低課程學(xué)習(xí)難度，使學(xué)習(xí)效果事半功倍。