国产在线公开视频,漂亮妈妈韩国电影,成人福利视频在线观看免费

當前位置：信管網 >> 信息安全工程師 >> 每日一練 >> 文章內容

信息安全工程師每日一練試題（2024/7/23）

來源：信管網 2024年07月24日【所有評論】

信息安全工程師當天每日一練試題地址：www.tronclassroom.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.tronclassroom.com/class/27/e6_1.html

信息安全工程師每日一練試題（2024/7/23）在線測試：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23

點擊查看：更多信息安全工程師習題與指導

信息安全工程師每日一練試題內容（2024/7/23）

試題1
為了防御網絡監(jiān)聽，最常用的方法是（）
A.采用物理傳輸（非網絡）
B.信息加密
C.無線網
D.使用專線傳輸
查看答案
試題參考答案：B
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題2
IPSec協議可以為數據傳輸提供數據源驗證、無連接數據完整性、數據機密性、抗重播等安全服務。其實現用戶認證采用的協議是（）。
A. IKE協議
B. ESP協議
C. AH協議
D. SKIP協議
查看答案
試題參考答案：C
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題3
以下不屬于網絡設備提供的 SNMP 訪問控制措施的是( )。
A．SNMP權限分級機制
B．限制 SNMP 訪問的IP 地址
C．SNMP 訪問認證
D．關閉 SNMP 訪問
查看答案
試題參考答案：A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題4
以下關于VPN的敘述中,正確的是（）。
A.VPN通過加密數據保證通過公網傳輸的信息即使被他人截獲也不會泄露
B.VPN指用戶自己租用線路,和公共網絡物理上完全隔離的、安全的線路
C.VPN不能同時實現信息的認證和對身份的認證
D.VPN通過身份認證實現安全目標,不具數據加密功能
查看答案
試題參考答案：A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題5

利用公開密鑰算法進行數據加密時，采用的方法是（）
A、發(fā)送方用公開密鑰加密，接收方用公開密鑰解密
B、發(fā)送方用私有密鑰加密，接收方用私有密鑰解密
C、發(fā)送方用公開密鑰加密，接收方用私有密鑰解密
D、發(fā)送方用私有密鑰加密，接收方用公開密鑰解密
查看答案
試題參考答案：C
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題6
Trust is typically interpreted as a subjective belief in the reliability， honesty and security of an entity on which we depend （）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted（）fails , then the sytems and applications that depend on it can（）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.
Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost, so that having complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
（71）A.with
B. on
C. of
D. for
（72）A.entity
B.person
C.component
D.thing
（73）A. No longer
B. never
C. always
D.often
（74）A. SP
B. IdM
C.Internet
D.entity
（75）A.trust
B.cost
C.IdM
D. solution
查看答案
試題參考答案：D、C、A、B、A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題7
2001年11月26日，美國政府正式頒布AES為美國國家標準。AES算法的分組長度為128位，其可選的密鑰長度不包括（）
A.256位
B.192位
C.128位
D.64位

查看答案
試題參考答案：D
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題8
網絡物理隔離有利于強化網絡安全的保障，增強涉密網絡的安全性。以下關于網絡物理隔離實現技術的表述，錯誤的是（）。
A．物理斷開可以實現處于不同安全域的網絡之間以間接方式相連接
B．內外網線路切換器通過交換盒的開關設置控制計算機的網絡物理連接
C．單硬盤內外分區(qū)技術將單臺物理PC虛擬成邏輯上的兩臺PC
D．網閘通過具有控制功能開關來連接或切斷兩個獨立主機系統(tǒng)的數據交換
查看答案
試題參考答案：A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題9

以下關于安全套接層協議（SSL）的敘述中，錯誤的是（）
A、是一種應用層安全協議
B、為TCP/IP連接提供數據加密
C、為TCP/IP連接提供服務器認證
D、提供數據安全機制
查看答案
試題參考答案：A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題10
人為的安全威脅包括主動攻擊和被動攻擊。主動攻擊是攻擊者主動對信息系統(tǒng)實施攻擊，導致信息或系統(tǒng)功能改變。被動攻擊不會導致系統(tǒng)信息的篡改，系統(tǒng)操作與狀態(tài)不會改變。以下屬于被動攻擊的是（）。
A.嗅探
B.越權訪問
C.重放攻擊
D.偽裝
查看答案
試題參考答案：A
試題解析與討論：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2024/7/23