1、TCSP 模拟试卷一一.单选题: 1. 关于“攻击工具日益先进,攻击者需要的技能日趋下降”,不正确的观点是_。 A.网络受到攻击的可能性将越来越大 B.网络受到攻击的可能性将越来越小 C.网络攻击无处不在 D.网络风险日益严重 2. 保证网络安全的最主要因素是_。 A.拥有最新的防毒防黑软件 B.使用高档机器 C.使用者的计算机安全素养 D.安装多层防火墙 3. 安全漏洞产生的原因很多,其中口令过于简单,很容易被黑客猜中属于? A.系统和软件的设计存在缺陷,通信协议不完备 B.技术实现不充分C.配置管理和使用不当也能产生安全漏洞 D.以上都不正确 4. 计算机病毒的特征 A.隐蔽性 B.潜伏性
2、,传染性 C.破坏性 D.可触发性 E.以上都正确 5. 一台 PC 机的病毒可通过网络感染与之相连的众多机器。说明网络病毒具有_特点。 A.传染方式多 B.扩散面广 C.消除难度大 D.传播性强 E.多态性 6. 数据加密技术可以应用在网络及系统安全的哪些方面? A.数据保密 B.身份验证 C.保持数据完整性 D.确认事件的发生 E.以上都正确 7. 有关对称密钥加密技术的说法,哪个是确切的? A.又称秘密密钥加密技术,收信方和发信方使用相同的密钥 B.又称公开密钥加密,收信方和发信方使用的密钥互不相同 C.又称秘密密钥加密技术,收信方和发信方使用不同的密钥 D.又称公开密钥加密,收信方和发
3、信方使用的密钥互不相同 8. 在使用者和各类系统资源间建立详细的授权映射,确保用户只能使用其授权范围内的资源,并且通过访问控制列表(ACL: Access Control List) 来实现,这种技术叫做_。 A.资源使用授权 B.身份认证 C.数字签名 D.包过滤 E.以上都不正确 9. 为防止企业内部人员对网络进行攻击的最有效的手段是_。 A.防火墙 B.VPN(虚拟私用网) C.网络入侵监测 D.加密 E.漏洞评估 10. 首先根据被监测系统的正常行为定义出一个规律性的东西,称为“写照” ,然后监测有没有明显偏离“写照” 的行为。这指的是入侵分析技术的_。 A.签名分析法 B.统计分析法
4、 C.数据完整性分析法 D.以上都正确 11. 以下哪种方法主要通过查证文件或者对象是否被修改过,从而判断是否遭到入侵? A.签名分析法 B.统计分析法 C.数据完整性分析法 D.以上都正确 12. 某入侵监测系统收集关于某个特定系统活动情况信息,该入侵监测系统属于哪种类型。A.应用软件入侵监测系统 B.主机入侵监测系统 C.网络入侵监测系统 D.集成入侵监测系统 E.以上都不正确 13. 关于网络入侵监测的主要优点点,哪个不正确。 A.发现主机 IDS 系统看不到的攻击 B.攻击者很难毁灭证据 C.快速监测和响应 D.独立于操作系统 E.监控特定的系统活动 14. _入侵监测系统对加密通信无
5、能为力。 A.应用软件入侵监测系统 B.主机入侵监测系统 C.网络入侵监测系统 D.集成入侵监测系统 E.以上都不正确 15. 入侵防范技术是指_。 A.系统遇到进攻时设法把它化解掉,让网络和系统还能正常运转 B.攻击展开的跟踪调查都是事后进行,经常是事后诸葛亮,适时性不好 C.完全依赖于签名数据库 D.以上都不正确 16. 虚拟专用网(VPN)技术是指_。 A.在公共网络中建立专用网络,数据通过安全的 “加密管道”在公共网络中传播 B.在公共网络中建立专用网络,数据通过安全的“ 加密管道”在私有网络中传播 C.防止一切用户进入的硬件 D.处理出入主机的邮件的服务器 17. 何为漏洞评估? A
6、.检测系统是否已感染病毒 B.在公共网络中建立专用网络,数据通过安全的“ 加密管道”在公共网络中传播 C.通过对系统进行动态的试探和扫描,找出系统中各类潜在的弱点,给出相应的报告,建议采取相应的补救措施或自动填补某些漏洞 D.是置于不同网络安全域之间的一系列部件的组合,是不同网络安全域间通信流的唯一通道,能根据企业有关安全政策控制进出网络的访问行为 E.主要是监控网络和计算机系统是否出现被入侵或滥用的征兆 18. 漏洞评估的最主要的优点_。 A.适时性 B.后验性 C.预知性 D.以上都不正确 19. 所谓动态式的警讯是指当遇到违反扫描政策或安全弱点时提供实时警讯并利用email、 SNMP
7、traps、呼叫应用程序等方式回报给管理者。这是_型的漏洞评估产品的功能之一。 A.主机型 B.网络型 C.数据库 D.以上都不正确 20. 拒绝服务扫描测试是指提供拒绝服务 (Denial Of Service)的扫描攻击测试。 。这是_型的漏洞评估产品的功能之一。 A.主机型 B.网络型 C.数据库 D.以上都不正确 21. 漏洞评估产品在选择时应注意_。 A.是否具有针对网络、主机和数据库漏洞的检测功能 B.产品的扫描能力 C.产品的评估能力 D.产品的漏洞修复能力 E.以上都正确 22. 建立安全的企业网络一般分为_步。 A.1 B.3 C.5 D.7 E.9 23. _是建立安防体系
8、过程中极其关键的一步,它连接着安防重点和商业需求。它揭示了关键性的商业活动对资源的保密性、集成性和可用性等方面的影响。 A.安全风险分析 B.网络系统现状 C.安全需求与目标 D.安全方案设计 E.安全解决方案 24. 安全模型简称 MDPRR,有关 MDPRR 正确的是_。 A.manyM detectionD protectP recoveryR reactionR B. managementM detectionD peopleP recoveryR reactionR C. manM detectionD protectP redoR reactionR D. managementM
9、detectionD protectP recoveryR relayR E. managementM detectionD protectP recoveryR reactionR 25. For MS Excel macro viruses, when an infected Excel sheet is opened, it will usually create an Excel file containing the macro codes in the startup directory. From there, the virus could then reproduce cop
10、ies of itself unto other sheets accessed by MS Excel.What is the name of startup directory? A.OFFICE B.EXCEL C.XLSTART D.Templates26. What tool may be used for any MS office files, including MS Word documents, MS Excel spreadsheets, and MS Powerpoint presentations to check for possible macro virus i
11、nfections? A.FDISK.EXE B.DFVIEW.EXE C.REGEDIT.EXE D.SYS.COM 27. Which type of viruses is cleanable? A.Trojans virus B. Encrypted Messages C.Macro Viruses D.Password-protected Files 28. I found some viruses on my HD file and the virus name listed of the form: “W97M_XXXX“. What are these viruses A.Tro
12、jan house virus, they cant infect, can only damage B.Word97 macro virus C.Excel97 macro virus D.Windows31 virus (16bit) 29. I found some viruses on my HD file and the virus name listed of the form: “X97M_XXXX“. What are these viruses A.Access95 macro virus B.Word97 macro virus C.Excel97 macro virus
13、D.No damage and doesnt infect, only shows some dialog or message 30. I found some viruses on my HD file and the virus name listed of the form: “Joke_XXXX“. What are these viruses A.Trojan house virus, they cant infect, can only damage B.Word97 macro virus C.Excel97 macro virus D.No damage and doesnt
14、 infect, only shows some dialog or message 31. I found some viruses on my HD file and the virus name listed of the form: “JAVA_XXXX“. What are these viruses A.Trojan house virus, they cant infect, can only damage B.Word97 macro virus C.Java virus D.No damage and doesnt infect, only shows some dialog
15、 or message 32. Which factor(s) explain why computer networks have become more vulnerable to virus-related attacks? A.Most networks are not protected by antivirus software B.Many new devices that are available on the market can carry undetected viruses and spread them when connected to a network C.T
16、he large numbers of new devices, operating systems, Web services, and online applications allows greater access to network D.A and B 33. What is the defining characteristic of Trojan horse programs? A.They are not intended to cause harm and only make fun of the user B.They replicate and attach thems
17、elves to host files C.They appear to be harmless but hide malicious intent D.They do not require user intervention to spread or function. 34. Which statement explains why the new SQL Slammer worm is so unusual? A.It infects Web servers instead of desktop PCs. B.It locates email addresses and sends i
18、nfected email attachments. C.It is the fastest worm ever discovered D.It spreads from computer to another by using port 445. 35. What sort of virus is capable of taking up residence in memory and then infecting the boot sector and all executables found in the system? A.Boot-sector virus B.Macro viru
19、s C.Windows virus D.Multipartite virus 36. While you are working on a document on Microsoft Word, you notice that your system slightly slows down in performance. Is it correct to assume that a virus is present on your system? A.Yes. System slowdown is a strong indication of virus infection B.No. The
20、 system slowdown may be attributed to other factors, not necessarily virus infection. C.Yes. A malware is probably using up too much memory space. D.No. A virus cannot be present because my antivirus software is enabled and running 37. PC-cillin is set to Quarantine uncleanable files. If user does n
21、ot want store the quarantined files in the PC-cillin directory, how would he transfer this set PC-cillin to store it in another location? A.This is not possible B.Edit the path in QuarantineDirectory in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the
22、desired directory C.Edit the path in MoveDirectory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directory D.Edit the path in Directory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to
23、the desired directory E.Edit the path in DeleteDirectory in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMicroPc-cillinManualScan to the desired directory 题目解析:The user must: Edit the path in MoveDirectory2nd in HKLMSoftwareTrendMicroPc-cillinRealtimeScan and HKLMSoftwareTrendMic
24、roPc-cillinManualScan to the desired directory38. Which of the option below is NOT part of of PC-cillin 2003s Advanced configration tab? A.Quarantine B.Sync PDA C.Update Now D.View Logs E.Internet COntrol Traffic 题目解析:Sync is not an option of the Advanced Configuration tab.39. Would Intelligent Upda
25、te work when user is logged in as a POWER user or a user in a Windows 2000 environment? A.Yes, by default, Intelligent update would work in this scenario B.Yes, but the user must edit the permissions in the registry C.Intelligent Update would work only when logged in as power user and not as ordinar
26、y user D.No E.Intelligent Update would work only when logged in as an ordinary user and not as power user 题目解析:Intelligent Update will not work in either case.40. One of the new features added to PC-cillin 2003 is the Outbreak Alert. What does this feature provide? A.It alerts the user that there ha
27、s been multiple virus detected on your PC within a defined period of time B.It is a active service that informs user in advance when a serious virus outbreak is occurring C.It alerts the user if it detects a virus spreading through network drives D.It alerts the user if it detects someone trying to
28、hack into your system E.It is just the customized version of the standard alert 题目解析:It alerts the user of multiple virus attacks within a given period of time.TSCP 模拟试卷二1.单选题: 1. 安全的网络必须具备哪些特征? A.保密性 B.完整性 C.可用性 D.可控性 E.以上都正确 2. 可被授权实体访问并按需求使用的特性,即当需要时能否存取和访问所需的信息的特性是指信息的? A.保密性 B.完整性 C.可用性 D.可控性 E
29、.以上都正确 3. 网络安全漏洞可以分为各个等级,A 级漏洞表示? A.允许本地用户提高访问权限,并可能使其获得系统控制的漏洞 B.允许恶意入侵者访问并可能会破坏整个目标系统的漏洞 C.允许用户中断、降低或阻碍系统操作的漏洞 D. 以上都不正确 6. 电子邮件的发件人利用某些特殊的电子邮件软件在短时间内不断重复地将电子邮件寄给同一个收件人,这种破坏方式叫做_。 A.邮件病毒 B.邮件炸弹 C.特洛伊木马 D.逻辑炸弹8. 要想让微机病毒今后永远不发生是 A.可能的 B.或许可能的 C.大概很难 D.不可能 9. 文件型病毒传染的对象主要是_类文件. A.EXE 和.WPS B. .COM 和.
30、EXE C. .WPS D.DBF 10. 病毒通常是一种具有很高编程技巧、短小精悍的程序,是没有文件名的秘密程序,具有依附于系统,并且不易被发现的特点,这说明计算机病毒具有_。 A.隐蔽性 B.潜伏性 C.破坏性 D.可触发性 12. 一般的数据加密可以在通信的三个层次来实现:链路加密、节点加密、端到端加密。其中在节点处信息以明文出现的是_。 A.链路加密方式 B.端对端加密方式 C.节点加密 D.都以明文出现 E.都不以明文出现 13. 基于用户名和密码的身份鉴别的正确说法是_。 A.将容易记忆的字符串作密码,使得这个方法经不起攻击的考验 B.口令以明码的方式在网络上传播也会带来很大的风险
31、 C.更为安全的身份鉴别需要建立在安全的密码系统之上 D.一种最常用和最方便的方法,但存在诸多不足 E.以上都正确 14. 用每一种病毒体含有的特征字节串对被检测的对象进行扫描,如果发现特征字节串,就表明发现了该特征串所代表的病毒,这种病毒的检测方法叫做_。 A.比较法 B.特征字的识别法 C.搜索法 D.分析法 E.扫描法 15. 防火墙(firewall )是指_ 。 A.防止一切用户进入的硬件 B.是置于不同网络安全域之间的一系列部件的组合,是不同网络安全域间通信流的唯一通道,能根据企业有关安全政策控制进出网络的访问行为 C.记录所有访问信息的服务器 D.处理出入主机的邮件的服务器 20
32、. 企业在选择防病毒产品时,选择单一品牌防毒软件产品的好处是什么? A.划算的总体成本 B.更简化的管理流程 C.容易更新 D.以上都正确 21. 找出不良的密码设定同时能追踪登入期间的活动。这是_型的漏洞评估产品的功能之一。 A.主机型 B.网络型 C.数据库 D.以上都不正确 24. 下列说法不正确的是_。 A.安防工作永远是风险、性能、成本之间的折衷 B.网络安全防御系统是个动态的系统,攻防技术都在不断发展。安防系统必须同时发展与更新 C.系统的安全防护人员必须密切追踪最新出现的不安全因素和最新的安防理念,以便对现有的安防系统及时提出改进意见 D.建立 100%安全的网络 E.安防工作是
33、循序渐进、不断完善的过程 25. For MS Word macro viruses, when an infected document is opened, it will usually copy its macro codes unto what file (Also referred to as the default template)? A.DEFAULT.TEM B.NORMAL.DOT C.WIN.INI D.AUTOEXEC.BAT E.None of the above 26. Word Documents cannot be infected with viruses.
34、 A.TRUE B. FALSE 27. Trojans and Joke viruses are able to reproduce themselves by attaching a copy of themselves unto host programs. A.TRUE B. FALSE 28. What type of viruses are embedded inside mail messages or web pages and are automatically executed by some mail or web browsers? A.Macro Viruses B.
35、Boot Viruses C.Embedded Viruses D.Script Viruses 30. What type of malware have the purpose of controlling computers remotely and to exploit some backdoors in some systems? A.Joke Programs B.Remote Viruses C.Virus Droppers D.Net Hack Programs 31. Trojans differ from traditional viruses in that they d
36、o not attempt to reproduce themselves like traditional viruses do. A.TRUE B. FALSE 32. Which command will install a clean Master Boot Record and would usually be able to recover from an infected boot virus. A.SYS C: B.Format /mbr C.Fdisk /mbr D.Newfs -s 34. Which of the following statements explains
37、 how spam can result in a DoS attack? A.Spam often contains a harmful payload that recruits servers to attack targets on the Internet B.Excessive amounts of spam interfere with antivirus software C.Spam is designed to be harmful by a programmer D.Excessive amounts of spam consume bandwidth and netwo
38、rk storage space. 35. What made the CodeRed worm unique from earlier computer threats? A.It attacks Web servers instead of desktop PCs. B.It replicates itself. C.It executes hostile code once it is resident in a target computer. D.It creates multiple distributed denial-of-service attacks. 36. Your a
39、ntivirus software detects a virus that is present in your system. You have verified this accordingly by inspecting the files that the virus has dropped. In order to manually clean your system, what should you do first? A.Reboot your system to remove the virus from memory B.Obtain the name of the vir
40、us so that you can look it up in the Virus Encyclopedia for an appropriate solution C.Reformat your system D.Inspect each file on your system manually 38. When installing PC-cillin on a Gateway PC in ICS, what settings must be done with regards to the Firewall so all three components would have no p
41、roblem connecting to each other and to the Internet? A.Include the two other computers in the Trusted Sites List B.Set firewall to Medium C.Leave firewall to High but add “0.0.0.0” in the Trusted Sites list D.Firewall should be turned off. It is a product limitation that PCCPFW cant be installed in
42、a Gateway PC E.B or C 题目解析:The user can set the firewall to medium or set it to high with “0.0.0.0” added in the Trusted Sites list.39. What is the minimum time interval for the PC-cillin 2003s Intelligent Updates? A.10 min B.30 min C.1 Hour D.3 Hours E.5 Hours 题目解析:The minimum time interval is thre
43、e hours.40. Is it possible for PC-cillin to run 2 scan tasks simultaneously (Computer is left running)? A.Yes. However, the user must make sure that the second task would start running after the first task is completed B.Yes. However, the user must specify that there are two tasks to run in the prog
44、ram console C.Yes. However, the user must make sure that PCC9.03 build is being used D.No, this is not possible E.Yes. However, the user must make sure that the first task would start running after the second task has started TSCP 模拟试卷三一.单选题: 1. 网络攻击的有效载体是什么 ? A.黑客 B.网络 C.病毒 D.蠕虫 2. 对计算机网络的最大威胁是什么? A.黑客攻击 B.计算机病毒的威胁 C.企业内部员工的恶意攻击 D.企业内部员工的恶意攻击和计算机病毒的威胁 3. 信息风险主要指那些? A.信息存储安全 B.信息传输安全 C.信息访问安全 D.以上都正确 4. 常用的口令入侵手段有? A.通过网络监听 B.利用专门软件进行口令破解 C.利用系统的漏洞 D.利用系统管理员的失误 E.以上都正确 7. 下列各项中,哪一项不是文件型病毒的特点。 A.病毒以某种形式隐藏在主程序中,并不修改主程序
