信息安全工程師當(dāng)天每日一練試題地址：www.shc2b.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.shc2b.com/class/27/e6_1.html

信息安全工程師每日一練試題（2021/5/1）在線測(cè)試：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2021/5/1

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2021/5/1）

試題1： 以下關(guān)于網(wǎng)絡(luò)欺騙的描述中，不正確的是（  ）。
A. Web欺騙是一種社會(huì)工程攻擊
B.DNS欺騙通過(guò)入侵網(wǎng)站服務(wù)器實(shí)現(xiàn)對(duì)網(wǎng)站內(nèi)容的篡改
C.郵件欺騙可以遠(yuǎn)程登錄郵件服務(wù)器的端口 25
D.采用雙向綁定的方法可以有效阻止ARP欺騙
試題解析與討論：www.shc2b.com/st/411382082.html
試題參考答案：B

試題2： Linux系統(tǒng)的運(yùn)行日志存儲(chǔ)的目錄是（  ）。
A./var/log
B./usr/log
C./etc/log
D./tmp/log
試題解析與討論：www.shc2b.com/st/3894728881.html
試題參考答案：A

試題3： 攻擊者通過(guò)對(duì)目標(biāo)主機(jī)進(jìn)行端口掃描，可以直接獲得（）。
A.目標(biāo)主機(jī)的口令
B.給目標(biāo)主機(jī)種植木馬
C.目標(biāo)主機(jī)使用了什么操作系統(tǒng)
D.目標(biāo)主機(jī)開放了那些端口服務(wù)
試題解析與討論：www.shc2b.com/st/3270814559.html
試題參考答案：D

試題4：

某單位在實(shí)施信息安全風(fēng)險(xiǎn)評(píng)估后，形成了若干文擋，下面()中的文擋不應(yīng)屬于風(fēng)險(xiǎn)評(píng)估中“風(fēng)險(xiǎn)評(píng)估準(zhǔn)備”階段輸出的文檔。（）
A．《風(fēng)險(xiǎn)評(píng)估工作計(jì)劃》，主要包括本次風(fēng)險(xiǎn)評(píng)估的目的、意義、范圍、目標(biāo)、組織結(jié)構(gòu)、角色及職責(zé)、經(jīng)費(fèi)預(yù)算和進(jìn)度安排等內(nèi)容
B．《風(fēng)險(xiǎn)評(píng)估方法和工具列表》。主要包括擬用的風(fēng)險(xiǎn)評(píng)估方法和測(cè)試評(píng)估工具等內(nèi)容
C．《已有安全措施列表》，主要包括經(jīng)檢查確認(rèn)后的已有技術(shù)和管理各方面安全措施等內(nèi)容
D．《風(fēng)險(xiǎn)評(píng)估準(zhǔn)則要求》，主要包括風(fēng)險(xiǎn)評(píng)估參考標(biāo)準(zhǔn)、采用的風(fēng)險(xiǎn)分析方法、風(fēng)險(xiǎn)計(jì)算方法、資產(chǎn)分類標(biāo)準(zhǔn)、資產(chǎn)分類準(zhǔn)則等內(nèi)容

試題解析與討論：www.shc2b.com/st/2574121335.html
試題參考答案：C

試題5：

所有進(jìn)入物理安全區(qū)域的人員都需經(jīng)過(guò)（）
A.考核
B.授權(quán)
C.批準(zhǔn)
D.認(rèn)可

試題解析與討論：www.shc2b.com/st/2608419443.html
試題參考答案：B

試題6：

以下哪些不屬于敏感性標(biāo)識(shí)（）
A.不干貼方式
B.印章方式
C.電子標(biāo)簽
D.個(gè)人簽名

試題解析與討論：www.shc2b.com/st/2607820461.html
試題參考答案：D

試題7：

以下關(guān)于信息安全工程說(shuō)法正確的是：（）
A.信息化建設(shè)中系統(tǒng)功能的實(shí)現(xiàn)是最重要的
B．信息化建設(shè)可以先實(shí)施系統(tǒng)，而后對(duì)系統(tǒng)進(jìn)行安全加固
C．信息化建設(shè)中在規(guī)劃階段合理規(guī)劃信息安全，在建設(shè)階段要同步實(shí)施信息安全建設(shè)
D．信息化建設(shè)沒(méi)有必要涉及信息安全建設(shè)

試題解析與討論：www.shc2b.com/st/2574920800.html
試題參考答案：

試題8： The modern study of symmetric-key ciphers relates mainly to the study of block ciphers and stream ciphers and to their applications. A block cipher is, in a sense, a modern embodiment of Alberti's polyalphabetic cipher: block ciphers take as input a block of （71 ）and a key, and output a block of ciphertext of the same size. Since messages are almost always longer than a single block, some method of knitting together successive blocks is required. Several have been developed, some with better security in one aspect or another than others. They are the mode of operations and must be carefully considered when using a block cipher in a cryptosystem.
The Data Encryption Standard (DES) and the Advanced Encryption Standard (AES) are( 72 )designs which have been designated cryptography standards by the US government (though DES's designation was finally withdrawn after the AES was adopted). Despite its deprecation as an official standard, DES (especially its still-approved and much more secure triple-DES variant) remains quite popular; it is used across a wide range of applications, from ATM encryption to e-mail privacy and secure remote access. Many other block ciphers have been designed and released, with considerable variation in quality. Many have been thoroughly broken. See Category: Block ciphers.
Stream ciphers, in contrast to the ‘block’type, create an arbitrarily long stream of key material, which is combined ( 73 )the plaintext bit-by-bit or character-by-character, somewhat like the one-time pad. In a stream cipher, the output( 74 )is created based on an internal state which changes as the cipher operates. That state change is controlled by the key, and, in some stream ciphers, by the plaintext stream as well. RC4 is an example of a well-known, and widely used, stream cipher; see Category: Stream ciphers.
Cryptographic hash functions (often called message digest functions) do not necessarily use keys, but are a related and important class of cryptographic algorithms. They take input data (often an entire message), and output a short fixed length hash, and do so as a one-way function. For good ones, ( 75 ) (two plaintexts which produce the same hash) are extremely difficult to find.
Message authentication codes (MACs) are much like cryptographic hash functions, except that a secret key is used to authenticate the hash value on receipt. These block an attack against plain hash functions.
（71）
A.plaintext
B.ciphertext
C.data
D.hash
（72）
A.stream cipher
B.hash function
C.Message authentication code
D.Block cipher
（73）
A.of
B.for
C.with
D.in
（74）
A.hash
B.stream
C.ciphertext
D.plaintext
（75）
A.collisons
B.image
C.preimage
D.solution
試題解析與討論：www.shc2b.com/st/4115223167.html
試題參考答案：A、D、C、B、C

試題9： 基于公開密鑰的數(shù)字簽名算法對(duì)消息進(jìn)行簽名和驗(yàn)證時(shí)，正確的簽名和驗(yàn)證方式是（  ）。
A.發(fā)送方用自己的公開密鑰簽名，接收方用發(fā)送方的公開密鑰驗(yàn)證
B.發(fā)送方用自己的私有密鑰簽名，接收方用自己的私有密鑰驗(yàn)證
C.發(fā)送方用接收方的公開密鑰簽名，接收方用自己的私有密鑰驗(yàn)證
D.發(fā)送方用自己的私有密鑰簽名，接收方用發(fā)送方的公開密鑰驗(yàn)證
試題解析與討論：www.shc2b.com/st/4115119792.html
試題參考答案：D

試題10： WPKI（無(wú)線公開密鑰體系）是基于無(wú)網(wǎng)絡(luò)環(huán)境的一套遵循既定標(biāo)準(zhǔn)的密鑰及證書管理平臺(tái),該平臺(tái)采用的加密算法是（  ）。
A.SM4
B.優(yōu)化的RSA加密算法
C.SM9
D.優(yōu)化的橢圓曲線加密算法
試題解析與討論：www.shc2b.com/st/3897110044.html
試題參考答案：D