信息安全工程師當天每日一練試題地址：www.xcpkj.com/exam/ExamDay.aspx?t1=6

往期信息安全工程師每日一練試題匯總：www.xcpkj.com/class/27/e6_1.html

信息安全工程師每日一練試題（2020/4/27）在線測試：www.xcpkj.com/exam/ExamDay.aspx?t1=6&day=2020/4/27

點擊查看：更多信息安全工程師習題與指導

信息安全工程師每日一練試題內容（2020/4/27）

試題1： An IS auditor is told by IS management that the organization has recently reached the highest level of the software capability maturity model (CMM). The software quality process MOST recently added by the organization is: 
A、continuous improvement. 
B、quantitative quality goals. 
C、a documented process. 
D、a process tailored to specific projects. 
試題解析與討論：www.xcpkj.com/st/2952327373.html
試題參考答案：A

試題2： In an audit of an inventory application, which approach would provide the BEST evidence that purchase orders are valid? 
A、Testing whether inappropriate personnel can change application parameters 
B、Tracing purchase orders to a computer listing 
C、Comparing receiving reports to purchase order details 
D、Reviewing the application documentation 
試題解析與討論：www.xcpkj.com/st/2947723473.html
試題參考答案：A

試題3： An IS auditor reviewing an accounts payable system discovers that audit logs are not being reviewed. When this issue is raised with management the response is that additional controls are not necessary because effective system access controls are in place. The BEST response the auditor can make is to: 
A、review the integrity of system access controls. 
B、accept management's statement that effective access controls are in place. 
C、stress the importance of having a system control framework in place. 
D、review the background checks of the accounts payable staff. 
試題解析與討論：www.xcpkj.com/st/2949127830.html
試題參考答案：C

試題4： In a relational database with referential integrity, the use of which of the following keys would prevent deletion of a row from a customer table as long as the customer number of that row is stored with live orders on the orders table? 
A、Foreign key 
B、Primary key 
C、Secondary key 
D、Public key 
試題解析與討論：www.xcpkj.com/st/292958871.html
試題參考答案：A

試題5：

下列哪一種防病毒軟件的實施策略在內部公司網絡中是最有效的：（）
A.   服務器防毒軟件
B.病毒墻
C. 工作站防病毒軟件
D. 病毒庫及時更新

試題解析與討論：www.xcpkj.com/st/2587722546.html
試題參考答案：D

試題6： Which of the following encrypt/decrypt steps provides the GREATEST assurance of achieving confidentiality, message integrity and nonrepudiation by either sender or recipient? 
A、The recipient uses their private key to decrypt the secret key. 
B、The encrypted prehash code and the message are encrypted using a secret key. 
C、The encrypted prehash code is derived mathematically from the message to be sent. 
D、The recipient uses the sender's public key, verified with a certificate authority, to decrypt the prehash code. 
試題解析與討論：www.xcpkj.com/st/2916715262.html
試題參考答案：D

試題7：

數字簽名最常見的實現方法是建立在（）的組合基礎之上
A、公鑰密碼體制和對稱密碼體制
B、對稱密碼體制和MD5摘要算法
C、公鑰密碼體制和單向安全散列函數算法
D、公證系統(tǒng)和MD4摘要算法

試題解析與討論：www.xcpkj.com/st/2845924106.html
試題參考答案：C

試題8： An IS auditor is performing a network security review of a telecom company that provides Internet connection services to shopping malls for their wireless customers. The company uses Wireless Transport Layer Security (WTLS) and Secure Sockets Layer (SSL) technology for protecting their customer's payment information. The IS auditor should be MOST concerned if a hacker: 
A、compromises the Wireless Application Protocol (WAP) gateway. 
B、installs a sniffing program in front of the server. 
C、steals a customer's PDA. 
D、listens to the wireless transmission. 
試題解析與討論：www.xcpkj.com/st/2949620302.html
試題參考答案：A

試題9：

傳輸控制協議(TCP)是傳輸層協議，以下關于TCP 協議的說法，哪個是正確的?（）
A．相比傳輸層的另外一個協議UDP，TCP 既提供傳輸可靠性，還同時具有更高的效率，因此具有廣泛的用途
B．TCP 協議包頭中包含了源IP 地址和目的IP 地址，因此TCP 協議負責將數據傳送到正確的主機
C．TCP 協議具有流量控制、數據校驗、超時重發(fā)、接收確認等機制，因此TCP 協議能完全替代IP 協議
D．TCP 協議雖然高可靠，但是相比UDP 協議機制過于復雜，傳輸效率要比UDP 低

試題解析與討論：www.xcpkj.com/st/257072101.html
試題參考答案：D

試題10：

當備份一個應用程序系統(tǒng)的數據時，以下哪一項是應該首先考慮的關鍵性問題?（）
A、什么時候進行備份?
B、在哪里進行備份?
C、怎樣存儲備份?
D、需要各份哪些數據?

試題解析與討論：www.xcpkj.com/st/2699429730.html
試題參考答案：D