信息安全工程師當天每日一練試題地址：www.jazzmuze.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.jazzmuze.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/5/20）在線測試：www.jazzmuze.com/exam/ExamDay.aspx?t1=6&day=2020/5/20

點擊查看：更多信息安全工程師習題與指導(dǎo)

信息安全工程師每日一練試題內(nèi)容（2020/5/20）

試題1：

以下對于蠕蟲病毒的說法錯誤的是：（）
A.通常蠕蟲的傳播無需用戶的操作
B.蠕蟲病毒的主要危害體現(xiàn)在對數(shù)據(jù)保密性的破壞
C.蠕蟲的工作原理與病毒相似，除了沒有感染文件階段
D.是一段能不以其他程序為媒介，從一個電腦系統(tǒng)復(fù)制到另一個電腦系統(tǒng)的程序

試題解析與討論：www.jazzmuze.com/st/2737516641.html
試題參考答案：B

試題2： A TCP/IP-based environment is exposed to the Internet. Which of the following BEST ensures that complete encryption and authentication protocols exist for protecting information while transmitted? 
A、Work is completed in tunnel mode with IP security using the nested services of authentication header (AH) and encapsulating security payload (ESP). 
B、A digital signature with RSA has been implemented. 
C、Digital certificates with RSA are being used. 
D、Work is being completed in TCP services. 
試題解析與討論：www.jazzmuze.com/st/2979922110.html
試題參考答案：A

試題3： Which of the following would an IS auditor consider to be the MOST helpful when evaluating the effectiveness and adequacy of a computer preventive maintenance program? 
A、A system downtime log 
B、Vendors' reliability figures 
C、Regularly scheduled maintenance log 
D、A written preventive maintenance schedule 
試題解析與討論：www.jazzmuze.com/st/2936924981.html
試題參考答案：A

試題4： The PRIMARY objective of an audit of IT security policies is to ensure that: 
A、they are distributed and available to all staff. 
B、security and control policies support business and IT objectives. 
C、there is a published organizational chart with functional descriptions. 
D、duties are appropriately segregated. 

試題解析與討論：www.jazzmuze.com/st/2965910699.html
試題參考答案：B

試題5： Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy? 
A、Users should not leave tokens where they could be stolen 
B、Users must never keep the token in the same bag as their laptop computer 
C、Users should select a PIN that is completely random, with no repeating digits 
D、Users should never write down their PIN 
試題解析與討論：www.jazzmuze.com/st/2983524679.html
試題參考答案：D

試題6： In an online banking application, which of the following would BEST protect against identity theft? 
A、Encryption of personal password 
B、Restricting the user to a specific terminal 
C、Two-factor authentication 
D、Periodic review of access logs 
試題解析與討論：www.jazzmuze.com/st/292117052.html
試題參考答案：C

試題7：

制定數(shù)據(jù)備份方案時，需要考慮的兩個因素為適合的備份時間和（）
A、備份介質(zhì)
B、備份的存儲位置
C、備份數(shù)據(jù)量
D、恢復(fù)數(shù)據(jù)的最大允許時間

試題解析與討論：www.jazzmuze.com/st/2729322567.html
試題參考答案：D

試題8： 以下惡意代碼中，屬于宏病毒的是（）
A. Macro.Melissa
B. Trojian.huigezi.a
C. Worm.Blaster.g
D. Backdoor.Agobot.frt
試題解析與討論：www.jazzmuze.com/st/327144885.html
試題參考答案：A

試題9： Accountability for the maintenance of appropriate security measures over information assets resides with the: 
A、security administrator. 
B、systems administrator. 
C、data and systems owners. 
D、systems operations group. 
試題解析與討論：www.jazzmuze.com/st/2933513112.html
試題參考答案：C

試題10：

口令是驗證用戶身份的最常用手段，以下哪一種口令的潛在風險影響范圍最大？（）
A、長期沒有修改的口令
B、過短的口令
C、兩個人公用的口令
D、設(shè)備供應(yīng)商提供的默認口令

試題解析與討論：www.jazzmuze.com/st/2646727870.html
試題參考答案：D