1、TCSP模擬考卷（一）一.單選題：1. 關(guān)于“攻擊工具日益先進(jìn)，攻擊者需要的技能日趨下降”，不正確的觀點(diǎn)是_。A.網(wǎng)絡(luò)受到攻擊的可能性將越來越大 B.網(wǎng)絡(luò)受到攻擊的可能性將越來越小C.網(wǎng)絡(luò)攻擊無處不在 D.網(wǎng)絡(luò)風(fēng)險(xiǎn)日益嚴(yán)重2. 保證網(wǎng)絡(luò)安全的最主要因素是_。A.擁有最新的防毒防黑軟件 B.使用高檔機(jī)器C.使用者的計(jì)算機(jī)安全素養(yǎng) D.安裝多層防火墻3. 安全漏洞產(chǎn)生的原因很多，其中口令過于簡單，很容易被黑客猜中屬于？A.系統(tǒng)和軟件的設(shè)計(jì)存在缺陷，通信協(xié)議不完備 B.技術(shù)實(shí)現(xiàn)不充分C.配置管理和使用不當(dāng)也能產(chǎn)生安全漏洞 D.以上都不正確4. 計(jì)算機(jī)病毒的特征A.隱蔽性 B.潛伏性，傳染性 C.破壞

2、性 D.可觸發(fā)性 E.以上都正確 5. 一臺PC機(jī)的病毒可通過網(wǎng)絡(luò)感染與之相連的眾多機(jī)器。說明網(wǎng)絡(luò)病毒具有_特點(diǎn)。A.傳染方式多 B.擴(kuò)散面廣 C.消除難度大 D.傳播性強(qiáng) E.多態(tài)性6. 數(shù)據(jù)加密技術(shù)可以應(yīng)用在網(wǎng)絡(luò)及系統(tǒng)安全的哪些方面？A.數(shù)據(jù)保密 B.身份驗(yàn)證 C.保持?jǐn)?shù)據(jù)完整性 D.確認(rèn)事件的發(fā)生 E.以上都正確 7. 有關(guān)對稱密鑰加密技術(shù)的說法，哪個(gè)是確切的？A.又稱秘密密鑰加密技術(shù)，收信方和發(fā)信方使用相同的密鑰B.又稱公開密鑰加密，收信方和發(fā)信方使用的密鑰互不相同C.又稱秘密密鑰加密技術(shù)，收信方和發(fā)信方使用不同的密鑰D.又稱公開密鑰加密，收信方和發(fā)信方使用的密鑰互不相同 8. 在使用

3、者和各類系統(tǒng)資源間建立詳細(xì)的授權(quán)映射，確保用戶只能使用其授權(quán)范圍內(nèi)的資源，并且通過訪問控制列表(ACL: Access Control List)來實(shí)現(xiàn)，這種技術(shù)叫做_。A.資源使用授權(quán) B.身份認(rèn)證 C.數(shù)字簽名 D.包過濾 E.以上都不正確 9. 為防止企業(yè)內(nèi)部人員對網(wǎng)絡(luò)進(jìn)行攻擊的最有效的手段是_。A.防火墻 B.VPN（虛擬私用網(wǎng)） C.網(wǎng)絡(luò)入侵監(jiān)測 D.加密 E.漏洞評估10. 首先根據(jù)被監(jiān)測系統(tǒng)的正常行為定義出一個(gè)規(guī)律性的東西，稱為“寫照”，然后監(jiān)測有沒有明顯偏離“寫照”的行為。這指的是入侵分析技術(shù)的_。A.簽名分析法 B.統(tǒng)計(jì)分析法 C.數(shù)據(jù)完整性分析法 D.以上都正確11. 以下

4、哪種方法主要通過查證文件或者對象是否被修改過，從而判斷是否遭到入侵？A.簽名分析法 B.統(tǒng)計(jì)分析法 C.數(shù)據(jù)完整性分析法 D.以上都正確 12. 某入侵監(jiān)測系統(tǒng)收集關(guān)于某個(gè)特定系統(tǒng)活動情況信息，該入侵監(jiān)測系統(tǒng)屬于哪種類型。A.應(yīng)用軟件入侵監(jiān)測系統(tǒng) B.主機(jī)入侵監(jiān)測系統(tǒng) C.網(wǎng)絡(luò)入侵監(jiān)測系統(tǒng)D.集成入侵監(jiān)測系統(tǒng) E.以上都不正確 13. 關(guān)于網(wǎng)絡(luò)入侵監(jiān)測的主要優(yōu)點(diǎn)，哪個(gè)不正確。A.發(fā)現(xiàn)主機(jī)IDS系統(tǒng)看不到的攻擊 B.攻擊者很難毀滅證據(jù) C.快速監(jiān)測和響應(yīng)D.獨(dú)立于操作系統(tǒng) E.監(jiān)控特定的系統(tǒng)活動14. _入侵監(jiān)測系統(tǒng)對加密通信無能為力。A.應(yīng)用軟件入侵監(jiān)測系統(tǒng) B.主機(jī)入侵監(jiān)測系統(tǒng) C.網(wǎng)絡(luò)入侵

5、監(jiān)測系統(tǒng)D.集成入侵監(jiān)測系統(tǒng) E.以上都不正確 15. 入侵防范技術(shù)是指_。A.系統(tǒng)遇到進(jìn)攻時(shí)設(shè)法把它化解掉，讓網(wǎng)絡(luò)和系統(tǒng)還能正常運(yùn)轉(zhuǎn)B.攻擊展開的跟蹤調(diào)查都是事后進(jìn)行，經(jīng)常是事后諸葛亮，適時(shí)性不好C.完全依賴于簽名數(shù)據(jù)庫D.以上都不正確16. 虛擬專用網(wǎng)(VPN)技術(shù)是指_。A.在公共網(wǎng)絡(luò)中建立專用網(wǎng)絡(luò)，數(shù)據(jù)通過安全的“加密管道”在公共網(wǎng)絡(luò)中傳播B.在公共網(wǎng)絡(luò)中建立專用網(wǎng)絡(luò)，數(shù)據(jù)通過安全的“加密管道”在私有網(wǎng)絡(luò)中傳播C.防止一切用戶進(jìn)入的硬件D.處理出入主機(jī)的郵件的服務(wù)器 17. 何為漏洞評估？A.檢測系統(tǒng)是否已感染病毒B.在公共網(wǎng)絡(luò)中建立專用網(wǎng)絡(luò)，數(shù)據(jù)通過安全的“加密管道”在公共網(wǎng)絡(luò)中傳播

6、C.通過對系統(tǒng)進(jìn)行動態(tài)的試探和掃描，找出系統(tǒng)中各類潛在的弱點(diǎn)，給出相應(yīng)的報(bào)告，建議采取相應(yīng)的補(bǔ)救措施或自動填補(bǔ)某些漏洞D.是置于不同網(wǎng)絡(luò)安全域之間的一系列部件的組合，是不同網(wǎng)絡(luò)安全域間通信流的唯一通道，能根據(jù)企業(yè)有關(guān)安全政策控制進(jìn)出網(wǎng)絡(luò)的訪問行為E.主要是監(jiān)控網(wǎng)絡(luò)和計(jì)算機(jī)系統(tǒng)是否出現(xiàn)被入侵或?yàn)E用的征兆18. 漏洞評估的最主要的優(yōu)點(diǎn)_。A.適時(shí)性 B.后驗(yàn)性 C.預(yù)知性 D.以上都不正確 19. 所謂動態(tài)式的警訊是指當(dāng)遇到違反掃描政策或安全弱點(diǎn)時(shí)提供實(shí)時(shí)警訊并利用email、SNMP traps、呼叫應(yīng)用程序等方式回報(bào)給管理者。這是_型的漏洞評估產(chǎn)品的功能之一。A.主機(jī)型 B.網(wǎng)絡(luò)型 C.數(shù)據(jù)庫

7、 D.以上都不正確20. 拒絕服務(wù)掃描測試是指提供拒絕服務(wù)(Denial Of Service)的掃描攻擊測試。這是_型的漏洞評估產(chǎn)品的功能之一。A.主機(jī)型 B.網(wǎng)絡(luò)型 C.數(shù)據(jù)庫 D.以上都不正確21. 漏洞評估產(chǎn)品在選擇時(shí)應(yīng)注意_。A.是否具有針對網(wǎng)絡(luò)、主機(jī)和數(shù)據(jù)庫漏洞的檢測功能B.產(chǎn)品的掃描能力 C.產(chǎn)品的評估能力 D.產(chǎn)品的漏洞修復(fù)能力 E.以上都正確22. 建立安全的企業(yè)網(wǎng)絡(luò)一般分為_步。A.1 B.3 C.5 D.7 E.923. _是建立安防體系過程中極其關(guān)鍵的一步，它連接著安防重點(diǎn)和商業(yè)需求。它揭示了關(guān)鍵性的商業(yè)活動對資源的保密性、集成性和可用性等方面的影響。A.安全風(fēng)險(xiǎn)分析

8、B.網(wǎng)絡(luò)系統(tǒng)現(xiàn)狀 C.安全需求與目標(biāo)D.安全方案設(shè)計(jì) E.安全解決方案24. 安全的網(wǎng)絡(luò)必須具備哪些特征？A.保密性 B.完整性 C.可用性 D.可控性 E.以上都正確25. GIF and JPG image files have not found that be infected with viruses.A.TRUE B. FALSE26. Word Documents cannot be infected with viruses.A.TRUE B. FALSE27. Which type of viruses is cleanable?A.Trojans virus B. Encr

9、ypted Messages C.Macro ViruseD.Password-protected Files28. What type of malware is usually a destructive program that is not able to infect other files and comes concealed in software that not only appears harmless, but is also particularly attractive to the unsuspecting user (such as a game)A.Joke

10、Programs B.Trojan Horse C.Macro Viruses D.Windows Viruses29. What is a general term used to refer to any unexpected or malicious programs or mobile codes?A.Scripts B.VBA C.Java D.Malware30. Which statement of PE_CIH virus is not correct.A.PE_CIH becomes memory resident once a file (which is infected

11、 by it) is executedB.This virus is available in Windows 95/98 only. Therefore, Windows NT systems are safe from the CIH infectionC.PE_CIH have destructive payloads that are triggered on the 25th day of a monthD. It also tries to do some permanent damage to the system by corrupting data stored in the

12、 Flash BIOS31. I found some viruses on my HD file and the virus name listed of the form: W97M_XXXX. What are these virusesA.Trojan house virus, they cant infect, can only damageB.Word97 macro virus C.Excel97 macro virus D.Windows31 virus (16bit)32. What is the defining characteristic of Trojan horse

13、 programs?A.They are not intended to cause harm and only make fun of the userB.They replicate and attach themselves to host filesC.They appear to be harmless but hide malicious intentD.They do not require user intervention to spread or function.33. Why are firewalls limited in their ability to prote

14、ct networks against mixed-threat attacks?A.Firewalls are not designed to filter out viruses or malwareB.Firewalls can detect macro and script viruses, but they will not detect boot viruses, Trojans, or Distributed Denial of Service (DDoS) attacksC.Firewalls will allow a virus to pass into the networ

15、k if the file in which it is embedded conforms to an accepted protocolD.Firewalls can only detect viruses or worms that are independent programsE. if the virus or worm is embedded in another program or file, the firewall will let it pass.34. What sort of virus is capable of taking up residence in me

16、mory and then infecting the boot sector and all executables found in the system?A.Boot-sector virus B.Macro virus C.Windows virus D.Multipartite virus35. What made the CodeRed worm unique from earlier computer threats?A.It attacks Web servers instead of desktop PCs.B.It replicates itself.C.It execut

17、es hostile code once it is resident in a target computer.D.It creates multiple distributed denial-of-service attacks.36. While you are working on a document on Microsoft Word, you notice that your system slightly slows down in performance. Is it correct to assume that a virus is present on your syst

18、em?A.Yes. System slowdown is a strong indication of virus infectionB.No. The system slowdown may be attributed to other factors, not necessarily virus infection.C.Yes. A malware is probably using up too much memory space.D.No. A virus cannot be present because my antivirus software is enabled and ru

19、nning37. Where can the administrator find PC-cillin 2003s ActiveUpdate debug log?A.system B.System32drivers C.temp D.ActiveUpdatetemp E.38. Which of the option below is NOT part of of PC-cillin 2003s Advanced configration tab?A.Quarantine B.Sync PDA C.Update Now D.View LogsE.Internet COntrol Traffic

20、39. Is it possible for PC-cillin to run 2 scan tasks simultaneously (Computer is left running)?A.Yes. However, the user must make sure that the second task would start running after the first task is completedB.Yes. However, the user must specify that there are two tasks to run in the program consol

21、eC.Yes. However, the user must make sure that PCC9.03 build is being usedD.No, this is not possibleE.Yes. However, the user must make sure that the first task would start running after the second task has started40. Emails can contains script viruses which automatically executes when you read the em

22、ail.A.TRUE B. FALSETCSP模擬考卷（二）(2008-10-29 19:00:33)標(biāo)簽：tcsp趨勢科技考證習(xí)題及答案it 分類：資源共享一、單選題。1. 可被授權(quán)實(shí)體訪問并按需求使用的特性，即當(dāng)需要時(shí)能否存取和訪問所需的信息的特性是指信息的？A.保密性 B.完整性 C.可用性 D.可控性 E.以上都正確2. 網(wǎng)絡(luò)安全漏洞可以分為各個(gè)等級，A級漏洞表示？A.允許本地用戶提高訪問權(quán)限，并可能使其獲得系統(tǒng)控制的漏洞B.允許惡意入侵者訪問并可能會破壞整個(gè)目標(biāo)系統(tǒng)的漏洞C.允許用戶中斷、降低或阻礙系統(tǒng)操作的漏洞D. 以上都不正確3. 在網(wǎng)絡(luò)攻擊的多種類型中，以遭受的資源目標(biāo)不能繼續(xù)

23、正常提供服務(wù)的攻擊形式屬于哪一種？A.拒絕服務(wù) B.侵入攻擊 C.信息盜竊 D.信息篡改 E.以上都正確4. 電子郵件的發(fā)件人利用某些特殊的電子郵件軟件在短時(shí)間內(nèi)不斷重復(fù)地將電子郵件寄給同一個(gè)收件人，這種破壞方式叫做_。A.郵件病毒 B.郵件炸彈 C.特洛伊木馬 D.邏輯炸彈5. 要想讓微機(jī)病毒今后永遠(yuǎn)不發(fā)生是A.可能的 B.或許可能的 C.大概很難 D.不可能6. 文件型病毒傳染的對象主要是_類文件.A.EXE和.WPS B. .COM和.EXE C. .WPS D.DBF7. 病毒通常是一種具有很高編程技巧、短小精悍的程序，是沒有文件名的秘密程序，具有依附于系統(tǒng)，并且不易被發(fā)現(xiàn)的特點(diǎn)，這說

24、明計(jì)算機(jī)病毒具有_。A.隱蔽性 B.潛伏性 C.破壞性 D.可觸發(fā)性8. 一般的數(shù)據(jù)加密可以在通信的三個(gè)層次來實(shí)現(xiàn):鏈路加密、節(jié)點(diǎn)加密、端到端加密。其中在節(jié)點(diǎn)處信息以明文出現(xiàn)的是_。A.鏈路加密方式 B.端對端加密方式 C.節(jié)點(diǎn)加密 D.都以明文出現(xiàn)E.都不以明文出現(xiàn)9. 基于用戶名和密碼的身份鑒別的正確說法是_。A.將容易記憶的字符串作密碼，使得這個(gè)方法經(jīng)不起攻擊的考驗(yàn)B.口令以明碼的方式在網(wǎng)絡(luò)上傳播也會帶來很大的風(fēng)險(xiǎn)C.更為安全的身份鑒別需要建立在安全的密碼系統(tǒng)之上D.一種最常用和最方便的方法，但存在諸多不足E.以上都正確 10. 用每一種病毒體含有的特征字節(jié)串對被檢測的對象進(jìn)行掃描，如果

25、發(fā)現(xiàn)特征字節(jié)串，就表明發(fā)現(xiàn)了該特征串所代表的病毒，這種病毒的檢測方法叫做_。A.比較法 B.特征字的識別法 C.搜索法 D.分析法 E.掃描法11. 防火墻（firewall）是指_。A.防止一切用戶進(jìn)入的硬件B.是置于不同網(wǎng)絡(luò)安全域之間的一系列部件的組合，是不同網(wǎng)絡(luò)安全域間通信流的唯一通道，能根據(jù)企業(yè)有關(guān)安全政策控制進(jìn)出網(wǎng)絡(luò)的訪問行為C.記錄所有訪問信息的服務(wù)器D.處理出入主機(jī)的郵件的服務(wù)器12. 關(guān)于主機(jī)入侵監(jiān)測的主要缺點(diǎn)，哪個(gè)不正確。A.看不到網(wǎng)絡(luò)活動 B.運(yùn)行審計(jì)功能要占用額外資源C.主機(jī)監(jiān)視感應(yīng)器不通用 D.管理和實(shí)施比較復(fù)雜 E.對加密通信無能為力13. 企業(yè)在選擇防病毒產(chǎn)品時(shí)，選

26、擇單一品牌防毒軟件產(chǎn)品的好處是什么？A.劃算的總體成本 B.更簡化的管理流程 C.容易更新 D.以上都正確14. 找出不良的密碼設(shè)定同時(shí)能追蹤登入期間的活動。這是_型的漏洞評估產(chǎn)品的功能之一。A.主機(jī)型 B.網(wǎng)絡(luò)型 C.數(shù)據(jù)庫 D.以上都不正確15. 下列說法不正確的是_。A.安防工作永遠(yuǎn)是風(fēng)險(xiǎn)、性能、成本之間的折衷B.網(wǎng)絡(luò)安全防御系統(tǒng)是個(gè)動態(tài)的系統(tǒng)，攻防技術(shù)都在不斷發(fā)展。安防系統(tǒng)必須同時(shí)發(fā)展與更新C.系統(tǒng)的安全防護(hù)人員必須密切追蹤最新出現(xiàn)的不安全因素和最新的安防理念，以便對現(xiàn)有的安防系統(tǒng)及時(shí)提出改進(jìn)意見D.建立100%安全的網(wǎng)絡(luò)E.安防工作是循序漸進(jìn)、不斷完善的過程16. 網(wǎng)絡(luò)攻擊的有效載體

27、是什么 ？A.黑客 B.網(wǎng)絡(luò) C.病毒 D.蠕蟲17. 對計(jì)算機(jī)網(wǎng)絡(luò)的最大威脅是什么？A.黑客攻擊 B.計(jì)算機(jī)病毒的威脅 C.企業(yè)內(nèi)部員工的惡意攻擊D.企業(yè)內(nèi)部員工的惡意攻擊和計(jì)算機(jī)病毒的威脅 18. 信息風(fēng)險(xiǎn)主要指那些？A.信息存儲安全 B.信息傳輸安全 C.信息訪問安全 D.以上都正確19. 常用的口令入侵手段有？A.通過網(wǎng)絡(luò)監(jiān)聽 B.利用專門軟件進(jìn)行口令破解C.利用系統(tǒng)的漏洞 D.利用系統(tǒng)管理員的失誤 E.以上都正確20. 計(jì)算機(jī)病毒的傳染性是指計(jì)算機(jī)病毒可以_A.從計(jì)算機(jī)的一個(gè)地方傳遞到另一個(gè)地方 B.傳染 C.進(jìn)行自我復(fù)制 D.擴(kuò)散21. 病毒通常在一定的觸發(fā)條件下，激活其傳播機(jī)制進(jìn)

28、行傳染，或激活其破壞機(jī)制對系統(tǒng)造成破壞,這說明計(jì)算機(jī)病毒具有_。A.隱蔽性 B.潛伏性 C.破壞性 D.可觸發(fā)性22. 下列各項(xiàng)中，哪一項(xiàng)不是文件型病毒的特點(diǎn)。A.病毒以某種形式隱藏在主程序中，并不修改主程序B.以自身邏輯部分取代合法的引導(dǎo)程序模塊，導(dǎo)致系統(tǒng)癱瘓C.文件型病毒可以通過檢查主程序長度來判斷其存在D.文件型病毒通常在運(yùn)行主程序時(shí)進(jìn)入內(nèi)存23. 在一條地址消息的尾部添加一個(gè)字符串，而收信人可以根據(jù)這個(gè)字符串驗(yàn)明發(fā)信人的身份，并可進(jìn)行數(shù)據(jù)完整性檢查，稱為_。A.身份驗(yàn)證 B. 數(shù)據(jù)保密 C.數(shù)字簽名 D.哈希（Hash）算法 E.數(shù)字證書 24. IP-Sec協(xié)議有兩種模式,其中透明模

29、式是指_。A.把IP-Sec協(xié)議施加到IP數(shù)據(jù)包上，但不改變數(shù)據(jù)包原來的數(shù)據(jù)頭B.把數(shù)據(jù)包的一切內(nèi)容都加密（包括數(shù)據(jù)頭），然后再加上一個(gè)新的數(shù)據(jù)頭C.把數(shù)據(jù)包的一切內(nèi)容都加密（包括數(shù)據(jù)頭），數(shù)據(jù)頭不變D.把IP-Sec協(xié)議施加到IP數(shù)據(jù)包上，然后再加一個(gè)新的數(shù)據(jù)頭25. MicroSoft Office Documents cannot be infected with viruses.A.Ture B.FALSE26. Most of Trojans virus are cleanable by Anti-virus product.A.Ture B.FALSE27. Which comma

30、nd will install a clean Master Boot Record and would usually be able to recover from an infected boot virus.A.SYS C: B.Format /mbr C.Fdisk /mbr D.Newfs -s28. I found some viruses on my HD file and the virus name listed of the form: PE_XXXX. What are these virusesA.Trojan house virus, they cant infec

31、t, can only damageB.Word95 macro virusC.Windows95,98 virus(32bit)D.No damage and doesnt infect, only shows some dialog or message29. I found some viruses on my HD file and the virus name listed of the form: Joke_XXXX. What are these virusesA.Trojan house virus, they cant infect, can only damageB.Wor

32、d97 macro virusC.Excel97 macro virusD.No damage and doesnt infect, only shows some dialog or message30. Which malware is created for the purpose of making fun and it does not intend to destroy data?A.Boot Viruses B.Joke Programs C.Java Viruses D.Windows Viruses31. Which of the following statements e

33、xplains how spam can result in a DoS attack?A.Spam often contains a harmful payload that recruits servers to attack targets on the InternetB.Excessive amounts of spam interfere with antivirus softwareC.Spam is designed to be harmful by a programmerD.Excessive amounts of spam consume bandwidth and ne

34、twork storage space.32. Which statement explains why the new SQL Slammer worm is so unusual?A.It infects Web servers instead of desktop PCs.B.It locates email addresses and sends infected email attachments.C.It is the fastest worm ever discoveredD.It spreads from computer to another by using port 44

35、5.33. What is NOT the common symptom of file-infecting viruses?A.Enlarged file sizes. B.Decreased file sizes.C.Slower processing speeds. D.Decreased memory.34. How does a spam relay hide a spammers identify?A.The person receiving the spam sees the ISP domainthe return addressof the relaying server i

36、nstead of the actual origin server.B.The person receiving the spam does not see any return address on the spam message.C.The relaying server creates a non-existent return address.D.The relaying server points to a fourth, unrelated server as the return address.35. Where can the administrator find PC-

37、cillin 2003s scan engine files?A.system B.System32drivers C.temp D.ActiveUpdatetemp E.36. When installing PC-cillin on a Gateway PC in ICS, what settings must be done with regards to the Firewall so all three components would have no problem connecting to each other and to the Internet?A.Include the

38、 two other computers in the Trusted Sites ListB.Set firewall to MediumC.Leave firewall to High but add “” in the Trusted Sites listD.Firewall should be turned off. It is a product limitation that PCCPFW cant be installed in a Gateway PCE.B or C37. Where does PC-cillin check its updates? 38. For MS W

39、ord macro viruses, when an infected document is opened, it will usually copy its macro codes unto what file (Also referred to as the default template)? E.None of the above39. What type of viruses infect the very first sector of diskettes and hard-disks?A.Boot Viruses B.DOS Viruses C.Java Viruses D.W

40、indows Viruses40. What type of viruses usually modify the header information and then attaches themselves as a new section to 32-bit executable programs?A.Trojan Horse B.Macro Viruses C.Windows Viruses D.Virus GeneratorsTCSP模擬考卷（三）(2008-10-29 18:57:39)標(biāo)簽：tcsp趨勢科技考證試題及答案雜談 分類：資源共享一、單選題。1. 高安全性的防火墻技術(shù)是

41、_。A.包過濾技術(shù) B.狀態(tài)檢測技術(shù) C.代理服務(wù)技術(shù) D.以上都不正確2. 入侵監(jiān)測的主要技術(shù)有：A.簽名分析法 B.統(tǒng)計(jì)分析法 C.數(shù)據(jù)完整性分析法 D.以上都正確 3. 入侵監(jiān)測系統(tǒng)的優(yōu)點(diǎn),正確的是_。A.能夠使現(xiàn)有的安防體系更完善 B.能夠更好地掌握系統(tǒng)的情況C.能夠追蹤攻擊者的攻擊線路，能夠抓住肇事者 D.便于建立安防體系 E.以上都正確4. 入侵監(jiān)測系統(tǒng)的發(fā)展方向以下描述最準(zhǔn)確的是？A.簽名分析技術(shù) B.統(tǒng)計(jì)分析技術(shù) C.數(shù)據(jù)完整性分析技術(shù)D.抗入侵技術(shù) E.以上都正確5. 多層次病毒防護(hù)體系的實(shí)施包括_。A.防護(hù)工作站 B.服務(wù)器 C.企業(yè)Internet聯(lián)接的病毒防護(hù)D.企業(yè)廣

42、域網(wǎng)的病毒防護(hù) E.以上都正確6. 選則防病毒軟件的供應(yīng)商時(shí)應(yīng)考慮_。A.供貨商提供的產(chǎn)品是否有前瞻性B.產(chǎn)品是否可與目前的網(wǎng)絡(luò)管理工具結(jié)合C.是否能藉由互聯(lián)網(wǎng)的特點(diǎn)，提供客戶實(shí)時(shí)服務(wù)及新產(chǎn)品D.開發(fā)出的產(chǎn)品功能是否符合市場需求E.以上都正確 7. 針對操作系統(tǒng)的漏洞作更深入的掃描，是_型的漏洞評估產(chǎn)品。A.數(shù)據(jù)庫 B.主機(jī)型 C.網(wǎng)絡(luò)型 D.以上都不正確8. 網(wǎng)絡(luò)安全漏洞可以分為各個(gè)等級，C級漏洞表示？A.允許本地用戶提高訪問權(quán)限，并可能使其獲得系統(tǒng)控制的漏洞B.允許惡意入侵者訪問并可能會破壞整個(gè)目標(biāo)系統(tǒng)的漏洞C.允許用戶中斷、降低或阻礙系統(tǒng)操作的漏洞D. 以上都不正確 9. 信息收集是網(wǎng)絡(luò)

43、攻擊的_A.第一步 B.第二步 C.第三步 D.最后一步10. 網(wǎng)絡(luò)攻擊的主要類型有哪些？A.拒絕服務(wù) B.侵入攻擊 C.信息盜竊 D.信息篡改 E.以上都正確11. Jolt通過大量偽造的ICMP和UDP導(dǎo)致系統(tǒng)變的非常慢甚至重新啟動，這種攻擊方式是_？A.特洛伊木馬 B.DDos攻擊 C.郵件炸彈 D.邏輯炸彈12. 什么是計(jì)算機(jī)病毒？A.它是一種生物病毒 B.它具有破壞和傳染的作用C.它是一種計(jì)算機(jī)程序 D.B和C13. 有關(guān)數(shù)字簽名的作用，哪一點(diǎn)不正確。A.唯一地確定簽名人的身份 B.對簽名后信件的內(nèi)容是否又發(fā)生變化進(jìn)行驗(yàn)證C.發(fā)信人無法對信件的內(nèi)容進(jìn)行抵賴 D.權(quán)威性 E.不可否認(rèn)性

44、 14. 鑒別雙方共享一個(gè)對稱密鑰KAB，該對稱密鑰在鑒別之前已經(jīng)協(xié)商好（不通過網(wǎng)絡(luò)）,這種身份鑒別機(jī)制叫做_。A.基于對稱密鑰密碼體制的身份鑒別技術(shù) B.基于用戶名和密碼的身份鑒別C.基于KDC的身份鑒別技術(shù) D.基于非對稱密鑰密碼體制的身份鑒別技術(shù)E.基于證書的身份鑒別技術(shù) 15. 對包過濾技術(shù)的不足，不正確的說法是_。A.包過濾技術(shù)是安防強(qiáng)度最弱的防火墻技術(shù)B.維護(hù)起來十分困難C.Ip包的源地址、目的地址、TCP端口號是唯一可以用于判斷是否包允許通過的信息D.不能阻止IP地址欺騙，不能防止DNS欺騙E.以上都不正確16. 關(guān)于防火墻的不足，不正確的是：A.防火墻不能防備病毒B.防火墻對不

45、通過它的連接無能為力,防火墻不能防備新的網(wǎng)絡(luò)安全問題C.防火墻不能防備內(nèi)部人員的攻擊D.防火墻限制有用的網(wǎng)絡(luò)安全服務(wù)E.不能限制被保護(hù)子網(wǎng)的泄露17. _分析法實(shí)際上是一個(gè)模板匹配操作，匹配的一方是系統(tǒng)設(shè)置情況和用戶操作動作，一方是已知攻擊模式的簽名數(shù)據(jù)庫。A.簽名分析法 B.統(tǒng)計(jì)分析法 C.數(shù)據(jù)完整性分析法 D.以上都正確18. 對企業(yè)網(wǎng)絡(luò)最大的威脅是_,請選擇最佳答案。A.黑客攻擊 B.外國政府 C.競爭對手 D.內(nèi)部員工的惡意攻擊19. 狹義的網(wǎng)絡(luò)安全是指？A.信息內(nèi)容的安全性 B.保護(hù)信息的秘密性、真實(shí)性和完整性C.避免攻擊者利用系統(tǒng)的安全漏洞進(jìn)行竊聽、冒充、詐騙、盜用等有損合法用戶利

46、益的行為D.保護(hù)合法用戶的利益和隱私 E.以上都正確20. 信息在存儲或傳輸過程中保持不被修改、不被破壞和不被丟失的特性是指信息的？A.保密性 B.完整性 C.可用性 D.可控性 E.以上都正確21. 在網(wǎng)絡(luò)攻擊的多種類型中，攻擊者竊取到系統(tǒng)的訪問權(quán)并盜用資源的攻擊形式屬于哪一種？A.拒絕服務(wù) B.侵入攻擊 C.信息盜竊 D.信息篡改 E.以上都正確22. ExeBind程序可以將指定的攻擊程序捆綁到任何一個(gè)廣為傳播的熱門軟件上，使宿主程序執(zhí)行時(shí)，寄生程序也在后臺被執(zhí)行，且支持多重捆綁。此類型的攻擊屬于_？A.特洛伊木馬 B.DDos攻擊 C.郵件病毒 D.邏輯炸彈23. 如果染毒文件有未被染

47、毒的備份的話，用備份覆蓋染毒文件即可,這種病毒清除方式適用于_。A.文件型病毒的清除 B.引導(dǎo)型病毒的清除 C.內(nèi)存殺毒D.壓縮文件病毒的檢測和清除 E.以上都正確 24. 對新建的應(yīng)用連接，狀態(tài)檢測檢查預(yù)先設(shè)置的安全規(guī)則，允許符合規(guī)則的連接通過，并在內(nèi)存中記錄下該連接的相關(guān)信息，生成狀態(tài)表。對該連接的后續(xù)數(shù)據(jù)包，只要符合狀態(tài)表，就可以通過。這種防火墻技術(shù)稱為_。A.包過濾技術(shù) B.狀態(tài)檢測技術(shù) C.代理服務(wù)技術(shù)D.以上都不正確25. Which factor(s) explain why computer networks have become more vulnerable to vir

48、us-related attacks?A.Most networks are not protected by antivirus softwareB.Many new devices that are available on the market can carry undetected viruses and spread them when connected to a networkC.The large numbers of new devices, operating systems, Web services, and online applications allows gr

49、eater access to networkD.A and B26. What is the default port number used by PC-cillin 2003 for POP3 Scanning?A.120 B.110 C.25 D.21 E.8027. Which of the following option(s) is/are available on the Program Update configuration screen on Trial Version? (Choose all that apply)A.Update Schedule - Check E

50、very # hoursB.Update Schedule - Update Every # MinsC.Update Schedule - Connect Only during the specified time periodD.Proxy InformationE.Automatically Update without alerts28. What is the Personal Firewall DEFAULT security level on PC-cillin 2003?A.Ultra B.High C.Medium D.Low E.Disabled29. For MS Ex

51、cel macro viruses, when an infected Excel sheet is opened, it will usually create an Excel file containing the macro codes in the startup directory. From there, the virus could then reproduce copies of itself unto other sheets accessed by MS Excel.What is the name of startup directory?A.OFFICE B.EXC

52、EL C.XLSTART D.Templates30. Which statement of VBS_BubbleBoy virus is correct?A.This virus will format your hardiskB.The virus will access the Notes client address book and send to each recipient in the book (50 recipients) a new emailC.This virus can be activated if the email is viewed through the

53、Preview Pane. In Microsoft Outlook, it can be activated automatically if the infected mail is opened.D.It comes in the form of a Windows PE executable called prettyorg.exe, via email and works under Windows 95/98/NT. It is a memory resident program that sends itself to all users in the address book

54、of the infected computer.31. I found some viruses on my HD file and the virus name listed of the form: VBS_XXXX. What are these virusesA.Access95 macro virusB.Trojan house virus, they cant infect, can only damageC.No damage and doesnt infect, only shows some dialog or messageD.VB Script virus32. Wha

55、t tool may be used for any MS office files, including MS Word documents, MS Excel spreadsheets, and MS Powerpoint presentations to check for possible macro virus infections? 33. What type of malware have the purpose of controlling computers remotely and to exploit some backdoors in some systems?A.Jo

56、ke Programs B.Remote Viruses C.Virus Droppers D.Net Hack Programs34. Which statement defines a dropper?A.They consume memory resources by replicating themselves.B.They are capable of destroying data files and damaging hardware.C.They trick the user into performing some harmful activity.D.They have n

57、o purpose except to release other malware35. PC-cillin is set to Quarantine uncleanable files. If user does not want store the quarantined files in the PC-cillin directory, how would he transfer this set PC-cillin to store it in another location?A.This is not possibleB.Edit the path in QuarantineDir

58、ectory in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directoryC.Edit the path in MoveDirectory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directoryD.Edit the path in Dire

59、ctory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directoryE.Edit the path in DeleteDirectory in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directory題目解析：The user must: Ed

60、it the path in MoveDirectory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directory36. PC-cillin has quarantined several infected files. If the user wants to restore all these files, how would he perform this?A.Disable real-time scan,