信息安全工程師當天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/9/6）在線測試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2020/9/6

點擊查看：更多信息安全工程師習題與指導

信息安全工程師每日一練試題內(nèi)容（2020/9/6）

試題1： 防火墻的部署不包括以下的()。
A、雙宿主機防火墻
B、堡壘主機防火墻
C、屏蔽主機防火墻
D、屏蔽子網(wǎng)防火墻
試題解析與討論：m.xiexiliangjiufa.com/st/2149526936.html
試題參考答案：B

試題2： 下列哪一項是對訪客訪問數(shù)據(jù)中心最有效的控制？（）
A、陪同訪問者。
B、要求訪問者佩戴證件。
C、訪問者簽字后進入。
D、操作人員對訪問者進行抽查。
試題解析與討論：m.xiexiliangjiufa.com/st/3023915352.html
試題參考答案：A

試題3： 下列關(guān)于數(shù)字簽名說法正確的是（  ）。
A.數(shù)字簽名不可信
B.數(shù)字簽名不可改變
C.數(shù)字簽名可以否認
D.數(shù)字簽名易被偽造
試題解析與討論：m.xiexiliangjiufa.com/st/411153134.html
試題參考答案：B

試題4：

信息系統(tǒng)安全主要從那幾個方面進行評估？（）
A、1個（技術(shù)）
B、2個（技術(shù)、管理）
C、3個（技術(shù)、管理、工程）
D、4個（技術(shù)、管理、工程、應用）

試題解析與討論：m.xiexiliangjiufa.com/st/269297551.html
試題參考答案：C

試題5： 如果一個SQL Server數(shù)據(jù)庫維護人員，需要具有建立測試性的數(shù)據(jù)庫的權(quán)限，那么應該指派給他哪個權(quán)限（）？
A、Database  Creators
B、System  Administrators
C、Server  Administrators
D、Security   Adiministrators
試題解析與討論：m.xiexiliangjiufa.com/st/224559049.html
試題參考答案：A

試題6：

以下選項中哪一項是對于信息安全風險采取的糾正機制（）
A.訪問控制
B.入侵檢測
C.災難恢復
D.防病毒系統(tǒng)

試題解析與討論：m.xiexiliangjiufa.com/st/2691110179.html
試題參考答案：C

試題7： An IS auditor interviewing a payroll clerk finds that the answers do not support job descriptions and documented procedures. Under these circumstances, the IS auditor should: 
A、conclude that the controls are inadequate. 
B、expand the scope to include substantive testing. 
C、place greater reliance on previous audits. 
D、suspend the audit. 
試題解析與討論：m.xiexiliangjiufa.com/st/2922323296.html
試題參考答案：B

試題8： To ensure authentication, confidentiality and integrity of a message, the sender should encrypt the hash of the message with the sender's: 
A、public key and then encrypt the message with the receiver's private key. 
B、private key and then encrypt the message with the receiver's public key. 
C、public key and then encrypt the message with the receiver's public key. 
D、private key and then encrypt the message with the receiver's private key. 
試題解析與討論：m.xiexiliangjiufa.com/st/2930222630.html
試題參考答案：B

試題9：

（1）is the science of hiding information. Whereas the goal of cryptography is to make data unreadable by a third party. the goal of steganography is to hide the data from a third party. In this article, I will discuss what steganography is, what purposes it serves, and will provide an example using available software.
There are a large number of steganographic （2）that most of us are familiar with (especially if you watch a lot of spy movies), ranging from invisible ink and microdots to secreting a hidden message in the second letter of each word of a large body of text and spread spectrum radio communication. With computers and networks, there are many other ways of hiding informations, such as:
Covert channels (c,g, Loki and some distributed denial-of-service tools use the Internet Control （3）Protocol, or ICMP, as the communication channel between the “bad guy”and a compromicyed system)
Hidden text within Web pages
Hiding files in “plain sight”(c,g. what better place to “hide”a file than with an important sounding name in the c:\winnt system32 directory)
Null ciphers(c,g, using the first letter of each word to form a hidden message in an otherwise innocuous text)
steganography today, however, is significantly more （4）than the example about suggest, allowing a user to hide large amounts of information within image and audio. These forms of steganography often are used in conjunction with cryptography so the information is double protected; first it is encrypted and then hidden so that an advertisement first. find the information ( an often difficult task in and of itself) and the decrypted it.
The simplest approach to hiding data within an image file is called （5）signature insertion. In this method, we can take the binary representation of the hidden data and the bit of each byte within the covert image. If we are using 24-bit color the amount and will be minimum and indiscriminate to the human eye.
（1）A、Cryptography
B、Geography
C、Stenography
D、Steganography
（2）A、methods
B、software
C、tools
D、services
（3）A、Member
B、Management
C、Message
D、Mail
（4）A、powerful
B、sophistication
C、advanced
D、easy
（5）A、least
B、most
C、much
D、less

試題解析與討論：m.xiexiliangjiufa.com/st/2851420507.html
試題參考答案：D、A、C、B、A

試題10：

信息安全風險的三要素是指：（）
A.資產(chǎn)/威脅/脆弱性
B.資產(chǎn)/使命/威脅
C.使命/威脅/脆弱性
D.威脅/脆弱性/使命

試題解析與討論：m.xiexiliangjiufa.com/st/2710021912.html
試題參考答案：A