首页 CISP内容详情

信息安全工程师每日一练试题(2020/6/15)

2020-10-04 10 cisp

信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6

往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html

信息安全工程师每日一练试题(2020/6/15)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/6/15

点击查看:更多信息安全工程师习题与指导

信息安全工程师每日一练试题内容(2020/6/15)

试题 1: When selecting audit procedures, an IS auditor should use professional judgment to ensure that: 
A、sufficient evidence will be collected. 
B、all significant deficiencies identified will be corrected within a reasonable period. 
C、all material weaknesses will be identified. 
D、audit costs will be kept at a minimum level. 
试题解析与讨论:www.cnitpm.com/st/293947824.html
试题参考答案:A

试题 2: An organization has an integrated development environment (IDE) on which the program libraries reside on the server, but modification/development and testing are done from PC workstations. Which of the following would be a strength of an IDE? 
A、Controls the proliferation of multiple versions of programs 
B、Expands the programming resources and aids available 
C、Increases program and processing integrity 
D、Prevents valid changes from being overwritten by other changes 
试题解析与讨论:www.cnitpm.com/st/2925926338.html
试题参考答案:B

试题 3

安全隔离网闸与防火墙相比,需要采取更强的安全隔离技术,请指出下列哪一项技术不会在安全隔离网闸中使用()
A、专用的安全通信协议
B、专用的硬件通信通道
C、应用层的数据交换
D、支持数据包路由

试题解析与讨论:www.cnitpm.com/st/2726129265.html
试题参考答案:D

试题 4: As updates to an online order entry system are processed, the updates are recorded on a transaction tape and a hard copy transaction log. At the end of the day, the order entry files are backed up on tape. During the backup procedure, a drive malfunctions and the order entry files are lost. Which of the following is necessary to restore these files? 
A、The previous day's backup file and the current transaction tape 
B、The previous day's transaction file and the current transaction tape 
C、The current transaction tape and the current hard copy transaction log 
D、The current hard copy transaction log and the previous day's transaction file 
试题解析与讨论:www.cnitpm.com/st/2931327706.html
试题参考答案:A

试题 5

以下哪一项不是流氓软件的特征?()  
A、通常通过诱骗或和其他软件捆绑在用户不知情的情况下安装
B、通常添加驱动保护使用户难以卸载
C、通常会启动无用的程序浪费计算机的资源
D、通常会显示下流的言论

试题解析与讨论:www.cnitpm.com/st/264381444.html
试题参考答案:D

试题 6

为了确保电子邮件中邮件内容的安全,应该采用以下哪种方式比较恰当()
A、 电子邮件发送时要加密,并注意不要错发
B、 电子邮件不需要加密码
C、 只要向接收者正常发送就可以了
D、 使用移动终端发送邮件

试题解析与讨论:www.cnitpm.com/st/2668723522.html
试题参考答案:A

试题 7: 以下恶意代码中,属于宏病毒的是()
A. Macro.Melissa
B. Trojian.huigezi.a
C. Worm.Blaster.g
D. Backdoor.Agobot.frt
试题解析与讨论:www.cnitpm.com/st/327144885.html
试题参考答案:A

试题 8

对于信息安全管理,风险评估的方法比起基线的方法,主要的优势在于它确保()
A.信息资产被过度保护
B.不考虑资产的价值,基本水平的保护都会被实施
C.对信息资产实施适当水平的保护
D.对所有信息资产保护都投入相同的资源

试题解析与讨论:www.cnitpm.com/st/259855710.html
试题参考答案:C

试题 9

以下哪一项都不是PKI/CA 要解决的问题:()
A、可用性、身份鉴别
B、可用性、授权与访问控制
C、完整性、授权与访问控制
D、完整性、身份鉴别

试题解析与讨论:www.cnitpm.com/st/2693913281.html
试题参考答案:B

试题 10: When performing a computer forensic investigation, in regard to the evidence gathered, an IS auditor should be MOST concerned with: 
A、analysis. 
B、evaluation. 
C、preservation. 
D、disclosure. 
试题解析与讨论:www.cnitpm.com/st/293651103.html
试题参考答案:C