首页 CISP内容详情

信息安全工程师每日一练试题(2020/7/5)

2020-10-04 25 cisp

信息安全工程师当天每日一练试题地址:www.cnitpm.com/exam/ExamDay.aspx?t1=6

往期信息安全工程师每日一练试题汇总:www.cnitpm.com/class/27/e6_1.html

信息安全工程师每日一练试题(2020/7/5)在线测试:www.cnitpm.com/exam/ExamDay.aspx?t1=6&day=2020/7/5

点击查看:更多信息安全工程师习题与指导

信息安全工程师每日一练试题内容(2020/7/5)

试题 1

有关网络安全的设计原则,以下描述错误的是() 。
A.网络安全强调对信息均衡、全面地进行保护
B.良好的等级划分,是实现网络安全的保障
C.网络安全系统设计不需要考虑网络结构
D.网络安全系统应该以不影响系统正常运行为前提

试题解析与讨论:www.cnitpm.com/st/2553423748.html
试题参考答案:C

试题 2

分组密码具有5种工作模式,其是()可用于加密密钥。
A.电码本
B.密文反馈
C.输出反馈
D.计数器

试题解析与讨论:www.cnitpm.com/st/255865498.html
试题参考答案:A

试题 3

“进不来”“拿不走”“看不懂”“改不了”“走不脱”是网络信息安全建设的目的。其中,“看不懂”是指下面哪种安全服务:()
A.数据加密
B.身份认证
C.数据完整性
D.访问控制

试题解析与讨论:www.cnitpm.com/st/2703625594.html
试题参考答案:A

试题 4

以下哪个一个项对“ARP”的解释是正确的:()
A、Access routing protocol----访问路由协议
B、Access routing protocol----访问解析协议
C、Address resolution protocol-地址解析协议
D、Address recovery protocol-地址恢复协议

试题解析与讨论:www.cnitpm.com/st/2653526236.html
试题参考答案:C

试题 5: To determine who has been given permission to use a particular system resource, an IS auditor should review: 
A、activity lists. 
B、access control lists. 
C、logon ID lists. 
D、password lists. 
试题解析与讨论:www.cnitpm.com/st/2938711723.html
试题参考答案:B

试题 6: Which of the following programs would a sound information security policy MOST likely include to handle suspected intrusions? 
A、Response 
B、Correction 
C、Detection 
D、Monitoring 
试题解析与讨论:www.cnitpm.com/st/2978412207.html
试题参考答案:A

试题 7

以下哪一种人给公司带来了最大的安全风险?()
A.临时工
B. 咨询人员
C. 以前的员工
D.当前的员工

试题解析与讨论:www.cnitpm.com/st/272051199.html
试题参考答案:D

试题 8: An IS auditor discovers that developers have operator access to the command line of a production environment operating system. Which of the following controls would BEST mitigate the risk of undetected and unauthorized program changes to the production environment? 
A、Commands typed on the command line are logged 
B、Hash keys are calculated periodically for programs and matched against hash keys calculated for the most recent authorized versions of the programs 
C、Access to the operating system command line is granted through an access restriction tool with preapproved rights 
D、Software development tools and compilers have been removed from the production environment 

试题解析与讨论:www.cnitpm.com/st/2915818569.html
试题参考答案:B

试题 9

被以下哪种病毒感染后,会使计算机产生下列现象:系统资源被大量占用,有时会弹出RPC服务终止的对话框,并且系统反复重启,不能收发邮件、不能正常复制文件、无法正常浏览网页,复制粘贴等操作受到严重影响的,DNS和IIS服务遭到非法拒绝等。()
A、高波变种3T
B、冲击波
C、震荡波
D、尼姆达病毒

试题解析与讨论:www.cnitpm.com/st/2656414722.html
试题参考答案:B

试题 10: As an outcome of information security governance, strategic alignment provides: 
A、security requirements driven by enterprise requirements. 
B、baseline security following best practices. 
C、institutionalized and commoditized solutions. 
D、an understanding of risk exposure. 
试题解析与讨论:www.cnitpm.com/st/295099768.html
试题参考答案:A