信息安全工程師當(dāng)天每日一練試題地址：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：m.xiexiliangjiufa.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/10/21）在線(xiàn)測(cè)試：m.xiexiliangjiufa.com/exam/ExamDay.aspx?t1=6&day=2020/10/21

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2020/10/21）

試題1：

常見(jiàn)密碼系統(tǒng)包含的元素是：（）
A.明文，密文，信道，加密算法，解密算法
B.明文，摘要，信道，加密算法，解密算法
C.明文，密文，密鑰，加密算法，解密算法
D.消息，密文，信道，加密算法，解密算法

試題解析與討論：m.xiexiliangjiufa.com/st/2689318961.html
試題參考答案：C

試題2： Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department? 
A、Allocating resources 
B、Keeping current with technology advances 
C、Conducting control self-assessment 
D、Evaluating hardware needs 
試題解析與討論：m.xiexiliangjiufa.com/st/2927321032.html
試題參考答案：A

試題3： Which of the following is a dynamic analysis tool for the purpose of testing software modules? 
A、Black box test 
B、Desk checking 
C、Structured walkthrough 
D、Design and code 
試題解析與討論：m.xiexiliangjiufa.com/st/293363783.html
試題參考答案：A

試題4： The activation of an enterprise's business continuity plan should be based on predetermined criteria that address the: 
A、duration of the outage. 
B、type of outage. 
C、probability of the outage. 
D、cause of the outage. 
試題解析與討論：m.xiexiliangjiufa.com/st/2930921041.html
試題參考答案：A

試題5： Which of the following audit techniques would BEST aid an auditor in determining whether there have been unauthorized program changes since the last authorized program update? 
A、Test data run 
B、Code review 
C、Automated code comparison 
D、Review of code migration procedures 
試題解析與討論：m.xiexiliangjiufa.com/st/295612358.html
試題參考答案：C

試題6：

下述選項(xiàng)中對(duì)于"風(fēng)險(xiǎn)管理"的描述正確的是:（）
A.安全必須是完美無(wú)缺、面面俱到的。
B.最完備的信息安全策略就是最優(yōu)的風(fēng)險(xiǎn)管理對(duì)策
C.在應(yīng)對(duì)信息安全風(fēng)險(xiǎn)時(shí),要從經(jīng)濟(jì)、技術(shù)、管理的可行性和有效性上做出權(quán)衡和取舍.
D.防范不足就會(huì)造成損失:防范過(guò)多就可以避免損失。

試題解析與討論：m.xiexiliangjiufa.com/st/27348932.html
試題參考答案：C

試題7： An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker: 
A、compromises the Wireless Application Protocol (WAP) gateway. 
B、installs a sniffing program in front of the server. 
C、steals a customer's PDA. 
D、listens to the wireless transmission. 
試題解析與討論：m.xiexiliangjiufa.com/st/2949620302.html
試題參考答案：A

試題8：

災(zāi)難發(fā)生后，系統(tǒng)和數(shù)據(jù)必須恢復(fù)到的（）
A、時(shí)間要求
B、時(shí)間點(diǎn)要求
C、數(shù)據(jù)狀態(tài)
D、運(yùn)行狀態(tài)

試題解析與討論：m.xiexiliangjiufa.com/st/2698710767.html
試題參考答案：B

試題9： What is the MOST effective method of preventing unauthorized use of data files? 
A、Automated file entry 
B、Tape librarian 
C、Access control software 
D、Locked library 
試題解析與討論：m.xiexiliangjiufa.com/st/2926218918.html
試題參考答案：C

試題10： Which of the following IT governance best practices improves strategic alignment? 
A、Supplier and partner risks are managed. 
B、A knowledge base on customers, products, markets and processes is in place. 
C、A structure is provided that facilitates the creation and sharing of business information. 
D、Top management mediate between the imperatives of business and technology. 
試題解析與討論：m.xiexiliangjiufa.com/st/297313734.html
試題參考答案：D