信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/5/20）在線測(cè)試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2020/5/20

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2020/5/20）

試題1：

以下對(duì)于蠕蟲(chóng)病毒的說(shuō)法錯(cuò)誤的是：（）
A.通常蠕蟲(chóng)的傳播無(wú)需用戶(hù)的操作
B.蠕蟲(chóng)病毒的主要危害體現(xiàn)在對(duì)數(shù)據(jù)保密性的破壞
C.蠕蟲(chóng)的工作原理與病毒相似，除了沒(méi)有感染文件階段
D.是一段能不以其他程序?yàn)槊浇椋瑥囊粋€(gè)電腦系統(tǒng)復(fù)制到另一個(gè)電腦系統(tǒng)的程序

試題解析與討論：m.xiexiliangjiufa.com/st/2737516641.html
試題參考答案：B

試題2： A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? 
A、Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). 
B、A digital signature with RSA has been implemented. 
C、Digital certificates with RSA are being used. 
D、Work is being completed in TCP services. 
試題解析與討論：m.xiexiliangjiufa.com/st/2979922110.html
試題參考答案：A

試題3： Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program? 
A、A system downtime log 
B、Vendors' reliability figures 
C、Regularly scheduled maintenance log 
D、A written preventive maintenance schedule 
試題解析與討論：m.xiexiliangjiufa.com/st/2936924981.html
試題參考答案：A

試題4： The PRIMARY objective of an audit of IT security policies is to ensure that: 
A、they are distributed and available to all staff. 
B、security and control policies support business and IT objectives. 
C、there is a published organizational chart with functional descriptions. 
D、duties are appropriately segregated. 

試題解析與討論：m.xiexiliangjiufa.com/st/2965910699.html
試題參考答案：B

試題5： Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy? 
A、Users should not leave tokens where they could be stolen 
B、Users must never keep the token in the same bag as their laptop computer 
C、Users should select a PIN that is completely random, with no repeating digits 
D、Users should never write down their PIN 
試題解析與討論：m.xiexiliangjiufa.com/st/2983524679.html
試題參考答案：D

試題6： In an online banking application, which of the following would BEST protect against identity theft? 
A、Encryption of personal password 
B、Restricting the user to a specific terminal 
C、Two-factor authentication 
D、Periodic review of access logs 
試題解析與討論：m.xiexiliangjiufa.com/st/292117052.html
試題參考答案：C

試題7：

制定數(shù)據(jù)備份方案時(shí)，需要考慮的兩個(gè)因素為適合的備份時(shí)間和（）
A、備份介質(zhì)
B、備份的存儲(chǔ)位置
C、備份數(shù)據(jù)量
D、恢復(fù)數(shù)據(jù)的最大允許時(shí)間

試題解析與討論：m.xiexiliangjiufa.com/st/2729322567.html
試題參考答案：D

試題8： 以下惡意代碼中，屬于宏病毒的是（）
A. Macro.Melissa
B. Trojian.huigezi.a
C. Worm.Blaster.g
D. Backdoor.Agobot.frt
試題解析與討論：m.xiexiliangjiufa.com/st/327144885.html
試題參考答案：A

試題9： Accountability for the maintenance of appropriate security measures over information assets resides with the: 
A、security administrator. 
B、systems administrator. 
C、data and systems owners. 
D、systems operations group. 
試題解析與討論：m.xiexiliangjiufa.com/st/2933513112.html
試題參考答案：C

試題10：

口令是驗(yàn)證用戶(hù)身份的最常用手段，以下哪一種口令的潛在風(fēng)險(xiǎn)影響范圍最大？（）
A、長(zhǎng)期沒(méi)有修改的口令
B、過(guò)短的口令
C、兩個(gè)人公用的口令
D、設(shè)備供應(yīng)商提供的默認(rèn)口令

試題解析與討論：m.xiexiliangjiufa.com/st/2646727870.html
試題參考答案：D