草草视频在线播放,日美一区二区,欧美日韩高清

當(dāng)前位置：信管網(wǎng) >> 信息安全工程師 >> 每日一練 >> 文章內(nèi)容

信息安全工程師每日一練試題（2024/7/23）

來(lái)源：信管網(wǎng) 2024年07月24日【所有評(píng)論】

信息安全工程師當(dāng)天每日一練試題地址：www.shc2b.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.shc2b.com/class/27/e6_1.html

信息安全工程師每日一練試題（2024/7/23）在線測(cè)試：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23

點(diǎn)擊查看：更多信息安全工程師習(xí)題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2024/7/23）

試題1
為了防御網(wǎng)絡(luò)監(jiān)聽，最常用的方法是（）
A.采用物理傳輸（非網(wǎng)絡(luò)）
B.信息加密
C.無(wú)線網(wǎng)
D.使用專線傳輸
查看答案
試題參考答案：B
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題2
IPSec協(xié)議可以為數(shù)據(jù)傳輸提供數(shù)據(jù)源驗(yàn)證、無(wú)連接數(shù)據(jù)完整性、數(shù)據(jù)機(jī)密性、抗重播等安全服務(wù)。其實(shí)現(xiàn)用戶認(rèn)證采用的協(xié)議是（）。
A. IKE協(xié)議
B. ESP協(xié)議
C. AH協(xié)議
D. SKIP協(xié)議
查看答案
試題參考答案：C
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題3
以下不屬于網(wǎng)絡(luò)設(shè)備提供的 SNMP 訪問(wèn)控制措施的是( )。
A．SNMP權(quán)限分級(jí)機(jī)制
B．限制 SNMP 訪問(wèn)的IP 地址
C．SNMP 訪問(wèn)認(rèn)證
D．關(guān)閉 SNMP 訪問(wèn)
查看答案
試題參考答案：A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題4
以下關(guān)于VPN的敘述中,正確的是（）。
A.VPN通過(guò)加密數(shù)據(jù)保證通過(guò)公網(wǎng)傳輸?shù)男畔⒓词贡凰私孬@也不會(huì)泄露
B.VPN指用戶自己租用線路,和公共網(wǎng)絡(luò)物理上完全隔離的、安全的線路
C.VPN不能同時(shí)實(shí)現(xiàn)信息的認(rèn)證和對(duì)身份的認(rèn)證
D.VPN通過(guò)身份認(rèn)證實(shí)現(xiàn)安全目標(biāo),不具數(shù)據(jù)加密功能
查看答案
試題參考答案：A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題5

利用公開密鑰算法進(jìn)行數(shù)據(jù)加密時(shí)，采用的方法是（）
A、發(fā)送方用公開密鑰加密，接收方用公開密鑰解密
B、發(fā)送方用私有密鑰加密，接收方用私有密鑰解密
C、發(fā)送方用公開密鑰加密，接收方用私有密鑰解密
D、發(fā)送方用私有密鑰加密，接收方用公開密鑰解密
查看答案
試題參考答案：C
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題6
Trust is typically interpreted as a subjective belief in the reliability， honesty and security of an entity on which we depend （）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust component of a system must work correctly in order for the security of that system to hold, meaning that when a trusted（）fails , then the sytems and applications that depend on it can（）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services . A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.
Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.
The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining authorisation policies in personalised services.
Establishing trust always has a cost, so that having complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.
（71）A.with
B. on
C. of
D. for
（72）A.entity
B.person
C.component
D.thing
（73）A. No longer
B. never
C. always
D.often
（74）A. SP
B. IdM
C.Internet
D.entity
（75）A.trust
B.cost
C.IdM
D. solution
查看答案
試題參考答案：D、C、A、B、A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題7
2001年11月26日，美國(guó)政府正式頒布AES為美國(guó)國(guó)家標(biāo)準(zhǔn)。AES算法的分組長(zhǎng)度為128位，其可選的密鑰長(zhǎng)度不包括（）
A.256位
B.192位
C.128位
D.64位

查看答案
試題參考答案：D
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題8
網(wǎng)絡(luò)物理隔離有利于強(qiáng)化網(wǎng)絡(luò)安全的保障，增強(qiáng)涉密網(wǎng)絡(luò)的安全性。以下關(guān)于網(wǎng)絡(luò)物理隔離實(shí)現(xiàn)技術(shù)的表述，錯(cuò)誤的是（）。
A．物理斷開可以實(shí)現(xiàn)處于不同安全域的網(wǎng)絡(luò)之間以間接方式相連接
B．內(nèi)外網(wǎng)線路切換器通過(guò)交換盒的開關(guān)設(shè)置控制計(jì)算機(jī)的網(wǎng)絡(luò)物理連接
C．單硬盤內(nèi)外分區(qū)技術(shù)將單臺(tái)物理PC虛擬成邏輯上的兩臺(tái)PC
D．網(wǎng)閘通過(guò)具有控制功能開關(guān)來(lái)連接或切斷兩個(gè)獨(dú)立主機(jī)系統(tǒng)的數(shù)據(jù)交換
查看答案
試題參考答案：A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題9

以下關(guān)于安全套接層協(xié)議（SSL）的敘述中，錯(cuò)誤的是（）
A、是一種應(yīng)用層安全協(xié)議
B、為TCP/IP連接提供數(shù)據(jù)加密
C、為TCP/IP連接提供服務(wù)器認(rèn)證
D、提供數(shù)據(jù)安全機(jī)制
查看答案
試題參考答案：A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23
試題10
人為的安全威脅包括主動(dòng)攻擊和被動(dòng)攻擊。主動(dòng)攻擊是攻擊者主動(dòng)對(duì)信息系統(tǒng)實(shí)施攻擊，導(dǎo)致信息或系統(tǒng)功能改變。被動(dòng)攻擊不會(huì)導(dǎo)致系統(tǒng)信息的篡改，系統(tǒng)操作與狀態(tài)不會(huì)改變。以下屬于被動(dòng)攻擊的是（）。
A.嗅探
B.越權(quán)訪問(wèn)
C.重放攻擊
D.偽裝
查看答案
試題參考答案：A
試題解析與討論：www.shc2b.com/exam/ExamDay.aspx?t1=6&day=2024/7/23

信管網(wǎng)訂閱號(hào)

信管網(wǎng)視頻號(hào)

信管網(wǎng)抖音號(hào)

溫馨提示：因考試政策、內(nèi)容不斷變化與調(diào)整，信管網(wǎng)網(wǎng)站提供的以上信息僅供參考，如有異議，請(qǐng)以權(quán)威部門公布的內(nèi)容為準(zhǔn)！

信管網(wǎng)致力于為廣大信管從業(yè)人員、愛(ài)好者、大學(xué)生提供專業(yè)、高質(zhì)量的課程和服務(wù)，解決其考試證書、技能提升和就業(yè)的需求。

信管網(wǎng)軟考課程由信管網(wǎng)依托10年專業(yè)軟考教研傾力打造，教材和資料參編作者和資深講師坐鎮(zhèn)，通過(guò)深研歷年考試出題規(guī)律與考試大綱，深挖核心知識(shí)與高頻考點(diǎn)，為學(xué)員考試保駕護(hù)航。面授、直播＆錄播，多種班型靈活學(xué)習(xí)，滿足不同學(xué)員考證需求，降低課程學(xué)習(xí)難度，使學(xué)習(xí)效果事半功倍。