《2022年软考-信息安全工程师考前模拟强化练习题30(附答案详解)》由会员分享,可在线阅读,更多相关《2022年软考-信息安全工程师考前模拟强化练习题30(附答案详解)(23页珍藏版)》请在金锄头文库上搜索。
1、2022年软考-信息安全工程师考前模拟强化练习题(附答案详解)1. 单选题蜜罐技术是一种主动防御技术,是入侵检测技术的一个重要发展方向。蜜罐有四种不同的配置方式:诱骗服务、弱化系统、强化系统和用户模式服务器,其中在特定IP服务端口进行侦听,并对其他应用程序的各种网络请求进行应答,这种应用程序属于( )。问题1选项A.诱骗服务B.弱化系统C.强化系统D.用户模式服务器【答案】A【解析】本题考查蜜罐安全技术。诱骗服务:是指在特定IP服务端口上进行侦听,并像其他应用程序那样对各种网络请求进行应答的应用程序。通常只有攻击者才会去访问蜜罐,正常用户是不知道蜜罐的存在的。弱化系统:配置有已知弱点的操作系统
2、,恶意攻击者更容易进入系统,系统可以收集有关攻击的数据。强化系统:对弱化系统配置的改进。用户模式服务器:是一个用户进程运行在主机上,并模拟成一个功能健全的操作系统,类似用户通常使用的操作系统。答案选A。2. 单选题Snort是一款开源的网络入侵检测系统,能够执行实时流量分析和IP协议网络的数据包记录。以下不属于Snort主要配置模式的是( )。问题1选项A.嗅探B.审计C.包记录D.网络入侵检测【答案】B【解析】本题考查入侵检测系统Snort工具相关的基础知识。Snort有三种工作方式:嗅探器、数据包记录器和网络入侵检测系统,不包括审计。答案选B。3. 单选题入侵检测技术包括异常入侵检测和误用
3、入侵检测。以下关于误用检测技术的描述中,正确的是( )。问题1选项A.误用检测根据对用户正常行为的了解和掌握来识别入侵行为B.误用检测根据掌握的关于入侵或攻击的知识来识别入侵行为C.误用检测不需要建立入侵或攻击的行为特征库D.误用检测需要建立用户的正常行为特征轮廓【答案】B【解析】本题考查入侵检测技术相关知识。误用入侵检测通常称为基于特征的入侵检测方法,是指根据已知的入侵模式检测入侵行为。优点:依据具体特征库进行判断,所以检测准确度很高,并且因为检测结果有明确的参照,也为系统管理员做出相应措施提供了方便。缺点:与具体系统依赖性太强,不但系统移植性不好,维护工作量大,而且将具体入侵手段抽象成知识
4、也很困难。并且检测范围受已知知识的局限,尤其是难以检测出内部人员的入侵行为,如合法用户的泄露。故本题选B。点播:基于条件概率的误用检测方法:基于条件概率的误用检测方法,是将入侵方式对应一个事件序列,然后观测事件发生序列,应用贝叶斯定理进行推理,推测入侵行为。基于状态迁移的误用检测方法:状态迁移方法利用状态图表示攻击特征,不同状态刻画了系统某一时刻的特征。基于键盘监控的误用检测方法:基于键盘监控的误用检测方法,是假设入侵行为对应特定的击键序列模式,然后监测用户的击键模式,并将这一模式与入侵模式匹配,从而发现入侵行为。基于规则的误用检测方法:基于规则的误用检测方法是将攻击行为或入侵模式表示成一种规
5、则,只要符合规则就认定它是一种入侵行为。4. 单选题Trust is typically interpreted as a subjective belief in the reliability, honesty and security of an entity on which we depend ( )our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and orga
6、nizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to policy . A consequence of this is that a trust co
7、mponent of a system must work correctly in order for the security of that system to hold, meaning that when a trusted( )fails , then the systemsand applications that depend on it can( )be considered secure . An often cited articulation of this principle is: a trusted system or component is one that
8、can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed policy in order to ensure the expected level of securty and quality of services .
9、 A paradoxical conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many Trusted components typically f
10、ollows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when
11、designing the identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it .The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementi
12、ng large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments . Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a componen
13、t of ( ) whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be
14、trusted.IdM is also an essential concept when defining authorisation policies in personalised services.Establishing trust always has a cost , so that having complex trust requirement typically leads to high overhead in establishing the required trust . To reduce costs there will be incentives for st
15、akeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial( )usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.问题1选项A.w
