信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/6/12）在線測(cè)試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2020/6/12

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2020/6/12）

試題1： An IS auditor invited to a development project meeting notes that no project risks have been documented. When the IS auditor raises this issue, the project manager responds that it is too early to identify risks and that, if risks do start impacting the project, a risk manager will be hired. The appropriate response of the IS auditor would be to: 
A、stress the importance of spending time at this point in the project to consider and document risks, and to develop contingency plans. 
B、accept the project manager's position as the project manager is accountable for the outcome of the project. 
C、offer to work with the risk manager when one is appointed. 
D、inform the project manager that the IS auditor will conduct a review of the risks at the completion of the requirements definition phase of the project. 
試題解析與討論：m.xiexiliangjiufa.com/st/292658997.html
試題參考答案：A

試題2：

當(dāng)訪問(wèn)web網(wǎng)站的某個(gè)資源時(shí)，請(qǐng)求無(wú)法被服務(wù)器理解將會(huì)出現(xiàn)的HTTP狀態(tài)碼是( )
A、 200
B、 401
C、 302
D、 303

試題解析與討論：m.xiexiliangjiufa.com/st/267088942.html
試題參考答案：B

試題3：

下列哪個(gè)是蠕蟲的特性？（）
A.不感染、依附性
B.不感染、獨(dú)立性
C.可感染、依附性
D.可感染、獨(dú)立性

試題解析與討論：m.xiexiliangjiufa.com/st/27052869.html
試題參考答案：D

試題4：

某公司開發(fā)了一個(gè)游戲網(wǎng)站，但是由于網(wǎng)站軟件存在漏洞，在網(wǎng)絡(luò)中傳輸大數(shù)據(jù)包時(shí)總是會(huì)丟失一些數(shù)據(jù)，如一次性傳輸大于2000 個(gè)字節(jié)數(shù)據(jù)時(shí)，總是會(huì)有3 到5 個(gè)字節(jié)不能傳送到對(duì)方，關(guān)于此案例，可以推斷的是（）
A 該網(wǎng)站軟件存在 保密性方面安全問(wèn)題
B 該網(wǎng)站軟件存在完整性方面安全問(wèn)題
C 該網(wǎng)站軟件存在 可用性方面安全問(wèn)題
D 該 網(wǎng)站軟件存在 不可否認(rèn)性方面安全問(wèn)題

試題解析與討論：m.xiexiliangjiufa.com/st/2577428457.html
試題參考答案：B

試題5： What is the MOST prevalent security risk when an organization implements remote virtual private network (VPN) access to its network? 
A、Malicious code could be spread across the network 
B、VPN logon could be spoofed 
C、Traffic could be sniffed and decrypted 
D、VPN gateway could be compromised 
試題解析與討論：m.xiexiliangjiufa.com/st/293084515.html
試題參考答案：A

試題6： An IS auditor analyzing the audit log of a database management system (DBMS) finds that some transactions were partially executed as a result of an error, and are not rolled back. Which of the following transaction processing features has been violated? 
A、Consistency 
B、Isolation 
C、Durability 
D、Atomicity 
試題解析與討論：m.xiexiliangjiufa.com/st/2962312917.html
試題參考答案：D

試題7：

CA的核心職責(zé)是（）
A.簽發(fā)和管理證書
B.審核用戶真實(shí)信息
C.發(fā)布黑名單
D.建立實(shí)體鏈路安全

試題解析與討論：m.xiexiliangjiufa.com/st/2625220675.html
試題參考答案：A

試題8： Which of the following is the MOST effective method for dealing with the spreading of a network worm that exploits vulnerability in a protocol? 
A、Install the vendor's security fix for the vulnerability. 
B、Block the protocol traffic in the perimeter firewall. 
C、Block the protocol traffic between internal network segments. 
D、Stop the service until an appropriate security fix is installed. 
試題解析與討論：m.xiexiliangjiufa.com/st/2962223504.html
試題參考答案：D

試題9：

以下不屬于網(wǎng)絡(luò)安全控制技術(shù)的是（）
A、防火墻技術(shù)
B、訪問(wèn)控制
C、入侵檢測(cè)技術(shù)
D、差錯(cuò)控制

試題解析與討論：m.xiexiliangjiufa.com/st/2849122070.html
試題參考答案：D

試題10：

信息安全管理體系（information SecurltyManagement System.ISMS）的內(nèi)部審核和管理審核是兩項(xiàng)重要的管理活動(dòng)，關(guān)于這兩者，下面描述錯(cuò)誤的是（）
A、內(nèi)部審核和管理評(píng)審都很重要，都是促進(jìn)ISMS持續(xù)改進(jìn)的重要?jiǎng)恿?，也都?yīng)當(dāng)按照一定的周期實(shí)施
B、內(nèi)部審核的實(shí)施方式多采用文件審核和現(xiàn)場(chǎng)審核的形式，而管理評(píng)審的實(shí)施方式多采用召開管理評(píng)審會(huì)議的形式進(jìn)行
C、內(nèi)部審核的實(shí)施主體由組織內(nèi)部的ISMS內(nèi)審小組，而管理評(píng)審的實(shí)施主體是由國(guó)家政策指定的第三方技術(shù)服務(wù)機(jī)構(gòu)
D、組織的信息安全方針，信息目標(biāo)和有關(guān)ISMS文件等，在內(nèi)部審核中作為審核準(zhǔn)則使用，但在管理評(píng)審中，這些文件是被審對(duì)象

試題解析與討論：m.xiexiliangjiufa.com/st/2911716377.html
試題參考答案：C