精编安全专业测试复习题库588题含答案文档格式.docx
《精编安全专业测试复习题库588题含答案文档格式.docx》由会员分享,可在线阅读,更多相关《精编安全专业测试复习题库588题含答案文档格式.docx(132页珍藏版)》请在冰点文库上搜索。
D、网络控制策略和应用控制策略
5.在编制定级报告时,应按以下层面描述各对象的重要性。
A、对象社会影响力
B、规模和服务范围
C、所提供服务的重要性
D、系统的等级
ABC
6.公司网络的终端设备允许通过方式以下方式接入:
()
A、802.1X认证
B、安全网关认证
C、MAC地址绑定
7.安全域边界的保护原则是:
A、应以通为主,以隔为辅
B、应以隔为主,以通为辅
C、重点防护、重兵把守
8.在确定安全域划分的原则后,需要对支撑的网络架构进行规划,分为()。
A、接入层
B、接口汇聚层
C、核心交换层
D、子系统层
9.每一个安全域可细分为:
A、互联接口域
B、核心交换域
C、维护域
D、核心生产域
ABCD
10.每一个安全域总体上可以体现为以下的层面:
A、接口层
B、核心层
C、系统层
D、网络层
11.移动公司总部在奥运前,邀请总参三部对部分重要IP/IT系统进行了分层次的评估,分别是哪些层次?
A物理层、网络层、系统层和应用层
B传输层、网络层、系统层和应用层
C物理层、传输层、系统层和应用层
D物理层、网络层、传输层和应用层
12.IP协议安全功能要求分为:
A、基本协议安全功能要求、路由协议安全功能要求、OSPF协议安全功能要求
B、基本协议安全功能要求、路由协议安全功能要求、ISIS协议安全功能要求
C、基本协议安全功能要求、路由协议安全功能要求、SNMP协议安全功能要求
D、基本协议安全功能要求、路由协议安全功能要求、BGP协议安全功能要求
C
13.UnderthelevelC2securityclassification,whatdoesdiscretionaryaccesscontrolmean?
A.Discretionaryaccesscontrolmeansthattheownerofaresourcemustbeabletousethatresource
B.Discretionaryaccesscontrolistheabilityofthesystemadministratortolimitthetimeanyuser
spendsonacomputer
C.Discretionaryaccesscontrolisapolicythatlimitstheuseofanyresourcetoagrouporasecurity
profile
D.Discretionaryaccesscontrolisarulesetbythesecurityauditortopreventothersfromdownloading
unauthorizedscriptsorprograms.
Answer:
A
14.27.僵尸网络有哪些组成
A、僵尸程序
B、僵尸计算机
C、命令控制中心
D、ISP
15.23.下列哪个程序可以直接读出winlogon进程中缓存的密码
A.findpass
B.pwdump
C.JOHN
D.l0phtcrack
16.22.风险评估包括以下哪些部分:
A、资产评估
B、脆弱性评估
C、威胁评估
17.21.windowsterminalserver使用的端口是:
A.1433
B.5800
C.5900
D.3389
D
18.20.WindowsNT中哪个文件夹存放SAM文件?
A.\%Systemroot%B.\%Systemroot%\system32\sam
C.\%Systemroot%\system32\configD.\%Systemroot%\config
19.12.FINGER服务使用哪个TCP端口?
A.69B.119C.79D.70
20.11.LINUX中,什么命令可以控制口令的存活时间?
A.chageB.passwdC.chmodD.umask
21.8.MD5产生的散列值是多少位?
A.56B.64C.128D.160
22.2.一般的防火墙不能实现以下哪项功能?
A.隔离公司网络和不可信的网络B.防止病毒和特络依木马程序
C.隔离内网D.访问控制
B
23.3.如需要配置Cisco路由器禁止从网络启动和自动从网络下载初始配置文件,配置命令包括()
a)nobootnetwork
b)noserviceconfig
c)nobootconfig
d)noservicenetwork
ab
24.当发生下述情况时,应立即撤销帐号或更改帐号口令,并做好记录:
A、帐号使用者由于岗位职责变动、离职等原因,不再需要原有访问权限时。
B、临时性或阶段性使用的帐号,在工作结束后。
C、帐号使用者违反了有关口令管理规定。
D、有迹象表明口令可能已经泄露。
25.WhatcommontargetcanbereconfiguredtodisableaninterfaceandprovideinaccurateIPaddresses
overtheInternet?
A.Routers
B.E-mailservers
C.DNSservers
D.Databases
26.WhatisthetermfortheprocessofreplacingsourceIPaddresseswithfalseIPaddresses?
A.Hijacking
B.Spoofing
C.Spamming
D.Bruteforce
B
27.Lukemustadvisehisusersaboutwhichclienttoemploywhenaccessingremotesystems.Whichofthe
followingisaconnection-orientedprotocolthatcancontainunencryptedpasswordinformationfrom
Telnetsessions?
A.TCP
B.TTP
C.HTTP
D.UDP
28.WhichtypeifportisusedbyHTTPforthecontrolconnection?
A.Ephemeral
B.Well-known
C.Dynamic
29.WhichprotocolisnormallyusedtocommunicateerrorsorotherconditionsattheIPlayer,buthasalso
beenusedtoconductdenial-of-serviceattacks?
B.ICMP
C.SNMP
30.WhatistheprimarysecurityriskinSNMP?
A.Loginnamesandpasswordsarenotencrypted
B.Damagingprogramscanbeexecutedontheclient
C.Damagingprogramscanbeexecutedontheserver
D.PasswordsandDataistransferredinCleartext
D
31.WhatistheprimarysecurityproblemwithFTP?
A.Anonymousloginsdonotrequireapassword
D.Theloginnameandpasswordaresenttotheserverincleartext
32.WhichofthefollowinglayersofTCP/IPstacksisthemostdifficulttosecure?
A.Physical
B.Network
C.Transport
D.Application
33.Whichtypeofattackoccurswhenahackerobtainspasswordsandotherinformationfromlegitimate
transactions?
A.Man-in-the-middleattack
B.Denial-of-serviceattack
C.Dictionaryattack
D.Illicitserverattack
34.Whichofthefollowingisawaytogetaroundafirewalltointrudeintoasecurenetworkfromaremote
location?
1D0-470
LeadingthewayinITtestingandcertificationtools,
-26-
A.IPservices
B.Activeports
C.Identifiednetworktopology
D.Modembanks
35.中国移动网络运行维护规程落实了哪些网络运维要求()
A集中化
B标准化
C信息化
36.Lucyobtainsthelateststableversionsofserver,servicesorapplications.Whichtypeofattackdoesthis
actionhelptoprevent?
A.Dictionaryattack
B.Bufferoverflowattack
C.Trojanattack
37.9、下面那些方法,可以实现对IIS重要文件的保护或隐藏?
A、通过修改注册表,将缺省配置文件改名,并转移路径
B、将wwwroot目录,更改到非系统分区
C、修改日志文件的缺省位置
D、将脚本文件和静态网页存放到不同目录,并分配不同权限
38.Whatisthefinalstepinassessingtheriskofnetworkintrusionfromaninternalorexternalsource?
A.Usingtheexistingmanagementandcontrolarchitecture
B.Evaluatingtheexistingperimeterandinternalsecurity
C.Analyzing,categorizingandprioritizingresources
D.Consideringthebusinessconcerns
39.Whichtypeofattackusesasimpleorcomplexprogramthatself-replicatesand/ordepositsapayloadon
aremoteorlocalcomputer?
B.Hijackingattack
C.Illicitserverattack
D.Virusattack
40.Whichtypeofattackutilizesanunauthorizedserviceordaemonrunningonyoursystemtosendout
informationtoahackerthatcanbeusedtofurthercompromisethesystem?
A.Virusattack
C.Man-in-the-middleattack
41.Whichservice,commandortoolallowsaremoteusertointerfacewithasystemasifheweresittingat
theterminal?
A.Host
B.Finger
C.SetRequest
D.Telnet
42.InaLinuxsystem,howdoyoustopthePOP3,IMAPD,andFTPservices?
A.Bychangingthepermissionsontheconfigurationfilethatcontrolstheservice(/sbin/inetd),then
recompiling/etc/inetd.config
B.Bycommentingouttheserviceusingthe#symbolinthetextfile/etc/inetd.conf,thenrestartingthe
inetddaemon
C.Byrecompilingthesystemkernel,makingsureyouhavedisabledthatservice
D.Bycommentingouttheserviceusingthe$symbolinthetextfile/etc/inetd.conf,thenrestartingthe
inetddaemon.
43.Youmustapplypermissionstoafilenamed/home/myname/myfile.txt,andyouneedtofulfillthe
followingrequirements:
Youwantfullaccesstothefile.
Peopleinyourgroupshouldbeabletoreadthefile.
Peopleinyourgroupshouldnotbeabletowritethefile.
Peopleoutsideofyourgroupshouldbedeniedaccesstothefile.
Whatarethemostsecurepermissionsyouwouldapplytothefile?
A.Chage700/home/myname/myfile.txt
B.Chage744/home/myname/myfile.txt
C.Chmod640/home/myname/myfile.txt
D.Chmod064/home/myname/myfile.txt
44.WinlogonloadstheGINADLL.WhatdoestheGINADLLthendo?
A.Itprovidestheinterfaceforprocessinglogonrequests
B.Itcreatesthelinktotheuserdatabasefortheupdateofthelocalsecurityauthority
C.Itcreatesthelinktothemasteraccesslistontheserver
D.Itcheckstheuserdatabaseforcorrectdate/timestampsoflastmodification
45.WhatdothediscretionaryACL(accesscontrollist)andthesystemACLinWindowsNThavein
common?
A.Bothsharepropertiesforstoringsecureobjectidentifiers
B.Bothcangrantordenypermissionstopartsofthesystem
C.Bothareinstalledbydefaultonthesystemindifferentsectionsoftheclient/servermodel
D.Bothareresponsibleforcreationofthemasteraccesscontrollist
46.WhichofthefollowingbestdescribestheproblemwithsharepermissionsandsharepointsinWindows
NT?
A.Sharepointsmustbethesamevalueasthedirectorythatservesthesharepoint
B.Sharepointscontainspermissions;
andanyfileunderthesharepointmustpossessthesame
permissions
C.Sharepermissionsareexclusivetorootdirectoriesandfiles;
theydonotinvolvesharepoints,which
defineuserpermissions
D.Sharepointsaresetwhenconnectionisestablished,thereforethestaticnatureoffilepermissionscan
conflictwithsharepointsiftheyarenotsetwithreadandwritepermissionsforeveryone.
47.MichelwantstowriteacomputervirusthatwillcrippleUNIXsystems.Whatisgoingtobethemain
obstaclepreventinghimfromsuccess?
A.UNIXcomputersareextremelydifficulttoaccessillicitlyovertheinternet,andthereforecomputer
virusesarenotanissuewithUNIXsystems
B.DuetothefilepermissionstructureandthenumberofvariationsintheUNIXhardware
architectures,aviruswouldhavetogainrootprivilegesaswellasidentifythehardwareandUNIX
flavorinuse.
C.Duetoavailabilityofeffectivefreeanti-virustools,computervirusesarecaughtearlyandoften.
Michel’sviruswouldhavetoevadedetectionforittosucceed.
D.DuetotheextensiveuseofANSICintheprogrammingofUNIX,theviruswouldhavetomimic
someofthesourcecodeusedintheinfectediterationoftheUNIXoperatingsystem
48.Whathost-levelinformationwouldyouwanttoobtainsoyoucanexploitdefaultsandpatches?
A.Servers
B.Routersandswitches
C.Databases
D.F
升级会员 