信息安全工程師當天每日一練試題地址：www.tronclassroom.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.tronclassroom.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/10/21）在線測試：www.tronclassroom.com/exam/ExamDay.aspx?t1=6&day=2020/10/21

點擊查看：更多信息安全工程師習題與指導

信息安全工程師每日一練試題內容（2020/10/21）

試題1：

常見密碼系統(tǒng)包含的元素是：（）
A.明文，密文，信道，加密算法，解密算法
B.明文，摘要，信道，加密算法，解密算法
C.明文，密文，密鑰，加密算法，解密算法
D.消息，密文，信道，加密算法，解密算法

試題解析與討論：www.tronclassroom.com/st/2689318961.html
試題參考答案：C

試題2： Which of the following would an IS auditor consider the MOST relevant to short-term planning for an IS department? 
A、Allocating resources 
B、Keeping current with technology advances 
C、Conducting control self-assessment 
D、Evaluating hardware needs 
試題解析與討論：www.tronclassroom.com/st/2927321032.html
試題參考答案：A

試題3： Which of the following is a dynamic analysis tool for the purpose of testing software modules? 
A、Black box test 
B、Desk checking 
C、Structured walkthrough 
D、Design and code 
試題解析與討論：www.tronclassroom.com/st/293363783.html
試題參考答案：A

試題4： The activation of an enterprise's business continuity plan should be based on predetermined criteria that address the: 
A、duration of the outage. 
B、type of outage. 
C、probability of the outage. 
D、cause of the outage. 
試題解析與討論：www.tronclassroom.com/st/2930921041.html
試題參考答案：A

試題5： Which of the following audit techniques would BEST aid an auditor in determining whether there have been unauthorized program changes since the last authorized program update? 
A、Test data run 
B、Code review 
C、Automated code comparison 
D、Review of code migration procedures 
試題解析與討論：www.tronclassroom.com/st/295612358.html
試題參考答案：C

試題6：

下述選項中對于"風險管理"的描述正確的是:（）
A.安全必須是完美無缺、面面俱到的。
B.最完備的信息安全策略就是最優(yōu)的風險管理對策
C.在應對信息安全風險時,要從經濟、技術、管理的可行性和有效性上做出權衡和取舍.
D.防范不足就會造成損失:防范過多就可以避免損失。

試題解析與討論：www.tronclassroom.com/st/27348932.html
試題參考答案：C

試題7： An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker: 
A、compromises the Wireless Application Protocol (WAP) gateway. 
B、installs a sniffing program in front of the server. 
C、steals a customer's PDA. 
D、listens to the wireless transmission. 
試題解析與討論：www.tronclassroom.com/st/2949620302.html
試題參考答案：A

試題8：

災難發(fā)生后，系統(tǒng)和數(shù)據(jù)必須恢復到的（）
A、時間要求
B、時間點要求
C、數(shù)據(jù)狀態(tài)
D、運行狀態(tài)

試題解析與討論：www.tronclassroom.com/st/2698710767.html
試題參考答案：B

試題9： What is the MOST effective method of preventing unauthorized use of data files? 
A、Automated file entry 
B、Tape librarian 
C、Access control software 
D、Locked library 
試題解析與討論：www.tronclassroom.com/st/2926218918.html
試題參考答案：C

試題10： Which of the following IT governance best practices improves strategic alignment? 
A、Supplier and partner risks are managed. 
B、A knowledge base on customers, products, markets and processes is in place. 
C、A structure is provided that facilitates the creation and sharing of business information. 
D、Top management mediate between the imperatives of business and technology. 
試題解析與討論：www.tronclassroom.com/st/297313734.html
試題參考答案：D