精选新版安全专业测试版复习题库588题含答案.docx

1、精选新版安全专业测试版复习题库588题含答案2020年安全专业考试复习题库588题【含答案】一、选择题16、相对于BIND，WindowsDNS存在很多的不足，处在一个被取代的趋势，下面说法正确的是：A、在认证、加密、访问控制上存在缺陷B、windows代码不公开，不像BIND经过严格测试评估C、在软件开发上，BIND投入很大，对DNS这个领域的发展有很大的影响D、BIND有很高的使用率参考答案：ABCD229.下列哪些操作可以看到自启动项目？A注册表B开始菜单C任务管理器Dmsconfig参考答案：ABD324.下列哪些是WINDOWS系统开放的默认共享A.IPC$B.ADMIN$C.C$D

2、.CD$参考答案：ABC423.下列哪个程序可以直接读出winlogon进程中缓存的密码A.findpassB.pwdumpC.JOHND.l0phtcrack参考答案：A522.风险评估包括以下哪些部分：A、资产评估B、脆弱性评估C、威胁评估参考答案：ABC620WindowsNT中哪个文件夹存放SAM文件？A%Systemroot%B%Systemroot%system32samC%Systemroot%system32configD%Systemroot%config参考答案：C716.SQLSERVER中下面那个存储过程可以执行系统命令？A、xp_regreadB、xp_command

3、C、xp_cmdshellD、sp_password参考答案：C812FINGER服务使用哪个TCP端口？A69B.119C.79D.70参考答案：C910UNIX中，可以使用下面哪一个代替Telnet，因为它能完成同样的事情并且更安全？AS-TELNETBSSHCFTPDRLOGON参考答案：B109在UNIX中，ACL里的一组成员与某个文件的关系是rwxr，那么可以对这个文件做哪种访问？A可读但不可写B可读可写C可写但不可读D不可访问参考答案：A113、用非root用户身份来运行BIND服务A、采用非root用户身份来运行应用服务，是一个通用的安全方法，符合最小化授权的原则。B、现在绝大多

4、数Linux的发行商都让named以普通用户的权限运行，可以通过命令named-u，定义域名服务器运行时所使用的UID。C、假如一个solairs系统上，BIND服务运行的用户名为named，我们不可以给这个用户一个空shell，（即/dev/null），否则会造成BIND服务无法正常运行。D、使用非root用户身份运行BIND应用能够降低缓冲区溢出攻击所带来的危险。参考答案：ABD124从部署的位置看，入侵检测系统主要分为？A网络型、控制型B主机型、混合型C网络型、主机型D主机型、诱捕型参考答案：C13对于需要进行双层防火墙进行防护的系统，为避免因同品牌或同种类防火墙弱点被利用导致双重防护措

5、施全部失效的风险，需要实现：（）。A、单层防火墙防护B、双重防火墙防护C、单层异构防火墙防护D、双重异构防火墙防护参考答案：D143、下面对于WindowsDNS日志功能的说法，其中错误的是：A、对于DNS服务启动、停止的事件，将记录在windowseventlog日志中B、通过日志功能可以记录的事件包括：区域更新、查询、动态更新等C、通过设定自动定期删除，可以防止日志文件过大D、日志文件缺省存放在系统盘上，应将日志文件存放到非系统盘，以防止将系统盘占满参考答案：C151、下面关于WindowsDNS的说法，正确的是：A、支持TSIG技术，针对区带传输（ZONETransfer）进行保护，利用

6、密码学编码方式为通讯传输信息加密B、不支持DNSSEC技术C、支持WINS查询功能D、支持动态更新，适用部署在DHCP的网络环境参考答案：BCD169、下面那些方法，可以实现对IIS重要文件的保护或隐藏？A、通过修改注册表，将缺省配置文件改名，并转移路径B、将wwwroot目录，更改到非系统分区C、修改日志文件的缺省位置D、将脚本文件和静态网页存放到不同目录，并分配不同权限参考答案：ABCD177、下面对于IIS的wwwroot目录的权限配置，说法正确的是：A、一个目录在操作系统上被分配的权限与在IIS中的被分配的权限无关B、如果wwwroot目录下存在脚本，则必须打开脚本资源访问权限C、如果

7、打开了目录浏览权限，如果缺省网页不存在（index.html）时，客户端就可以直接浏览到wwwroot目录的目录结构D、此目录必须具备读取权限，否则通过ie就不能访问到此站点参考答案：CD187、关于Whisker对Apache的扫描，下面说法正确的是：A、通过模式匹配方法，禁止掉具有某些特征的访问请求，可以通过LocationMatch来配置B、在cgi-bin目录，建立欺骗性脚本，当Whisker扫描到这些脚本时，这些脚本被执行。在这些脚本里通过定义一些功能，比如报警功能，可以发邮件告知管理员发生了cgi扫描C、robots.txt文件是帮助google、baidu等搜索引擎抓取网页用的用

8、的，扫描软件没有利用这种技术D、以上说法均不正确参考答案：AB194、DoS是一种以耗尽主机或网络资源为目的的攻击方式。Apache本身就带有防止DoS的功能，针对下面的配置Timeout60KeepAliveOnKeepAliveTimeout15StartServers10MinSpareServers10MaxSpareServers20MaxClients256请找出下面正确的描述：A、当一个客户端与服务器端建立起tcp连接，如果客户端60秒钟内没有发送get请求（或其他http方法调用put,post等），则此tcp连接将被Apache认为超时而断开B、开启KeepAlive，Apa

9、che将允许在同一个TCP连接中进行多次请求。比如：网页中有多个gifs图片，这些图片就可以在一个TCP连接中，传输。C、MaxClients为apache可以接受最多的客户端请求的数目D、MaxClients最大为256，当超过256时，需要重新配置、编译apache参考答案：ABCD201、Apache安装配置完成后，有些不用的文件应该及时删除掉。下面可以采用的做法是：A、将源代码文件转移到其他的机器上，以免被入侵者来重新编译apacheB、删除系统自带的缺省网页，一般在htdocs目录下C、删除cgi例子脚本D、删除源代码文件，将使apache不能运行，应禁止一般用户对这些文件的读权限参

10、考答案：ABC219、针对下列配置，描述正确的说法为：/etc/named.confoptionsdirectory/var/named;allow-query202.96.44.0/24;allow-transfer192.168.100.0/24;none;A、允许进行域名查询的主机IP列表为202.96.44.0/24B、允许进行区域记录传输的主机IP列表为192.168.100.0/24C、允许进行域名查询的主机IP列表为192.168.100.0/24D、允许进行区域记录传输的主机IP列表为202.96.44.0/24参考答案：AB228、DNS服务器面临的最常见的一种攻击是dos攻

11、击，关于dos攻击描述正确的是：A、有一种攻击方式，该攻击的目标不是DNS服务器，而是利用DNS服务器作为中间的攻击放大器，去攻击其它intetnet上的主机，导致被攻击主机拒绝服务B、用非root用户身份来运行BIND服务可以防范dos攻击。C、通过限制查询主机的IP地址可以有效的减轻拒绝服务攻击的影响，以及内部网络结构的泄露。D、采用负载均衡或主、备方式，配置多个DNS服务器，保证系统的冗余性和高可用性参考答案：ACD23Which system provides relay services between two devices?A. Proxy serverB. GatewayC.

12、VPND. Screening routerAnswer: B248MD5产生的散列值是多少位？A56B64C128D160参考答案：C25Which level(s) of security as defined by the National Computer Security Center (NCSC) is attained by many out of the box implementations of commercially available operating systems?A. Level B2B. Level DC. Level D through B2D. Leve

13、l B through B2Answer: C26What is a PRIMARY reason for designing the security kernel to be as small as possible?A. The operating system cannot be easily penetrated by users.B. Changes to the kernel are not required as frequently.C. Due to its compactness, the kernel is easier to formally verify.D. Sy

14、stem performance and execution are enhanced.Answer: C27What is the primary security problem with FTP?A. Anonymous logins do not require a passwordB. Damaging programs can be executed on the clientC. Damaging programs can be executed on the serverD. The login name and password are sent to the server

15、in cleartextAnswer: D28Which of the following layers of TCP/IP stacks is the most difficult to secure?A. PhysicalB. NetworkC. TransportD. ApplicationAnswer: D29While assessing the risk of a network, which step are you conducting when you determine whether thenetwork can differentiate itself from oth

16、er networks?A. Considering the business concernsB. Analyzing, categorizing and prioritizing resourcesC. Evaluating the existing perimeter and internal securityD. Using the existing management and control architectureAnswer: C30Most hackers run two services first learn information about a computer or

17、 Windows server attached tothe Internet or intranet. These services enable hackers to find weaknesses in order to infiltrate thecomputer or network. Which one of the following choices lists the two services?A. Ping and tracerouteB. Nslookup and whoisC. Whois and pingD. Nslookup and tracerouteAnswer:

18、 B31A file is replace by another file that provides the same service but also has a secret operation that ismeant to subvert security. What is this type of attack called?A. A buffer overflow attackB. A Trojan attackC. A denial-of-service attackD. An illicit server attackAnswer: B32Which service, com

19、mand or tool discovers the IP addresses of all computers or routers between twocomputers on an internet/intranet network?A. WhoisB. Port scannerC. TracerouteD. NslookupAnswer: C33Which type of attack can use a worm or packet sniffer to crash systems, causing low resources and/orconsuming bandwidth?A

20、. Denial-of-service attackB. Illicit server attackC. Man-in-the-middle attackD. Virus attackAnswer: A34Which service, tool or command allows a remote or local user to learn the directories or files that areaccessible on the network?A. TracerouteB. Share scannerC. Port scannerD. Ping scannerAnswer: B

21、35In a Linux system, how do you stop the POP3, IMAPD, and FTP services?A. By changing the permissions on the configuration file that controls the service (/sbin/inetd), thenrecompiling /etc/inetd.configB. By commenting out the service using the # symbol in the text file /etc/inetd.conf, then restart

22、ing theinetd daemonC. By recompiling the system kernel, making sure you have disabled that serviceD. By commenting out the service using the $ symbol in the text file /etc/inetd.conf, then restarting theinetd daemon.Answer: B36IP协议安全功能要求分为：（）。A、基本协议安全功能要求、路由协议安全功能要求、OSPF协议安全功能要求B、基本协议安全功能要求、路由协议安全功能

23、要求、ISIS协议安全功能要求C、基本协议安全功能要求、路由协议安全功能要求、SNMP协议安全功能要求D、基本协议安全功能要求、路由协议安全功能要求、BGP协议安全功能要求参考答案：C37What are the security issues that arise in the use of the NFS (Network File System)?A. Synchronization of user and group IDs is poor, so it is easy to spoof trusted hosts and user names.B. The lack of loggi

24、ng in one place or on one machine, and the multiple logs this then requires, cancreate bottlenecksC. The possibility arises for Cleartext passwords to be sniffed on the network if it does not use SecureRPC.D. NFS uses a weak authentication scheme and transfers information in encrypted formAnswer: A3

25、8每一个安全域总体上可以体现为以下的层面：（）。A、接口层B、核心层C、系统层D、网络层参考答案：ABC39Which of the following best describes the problem with share permissions and share points in WindowsNT?A. Share points must be the same value as the directory that serves the share pointB. Share points contains permissions; and any file under the

26、 share point must possess the samepermissionsC. Share permissions are exclusive to root directories and files; they do not involve share points, whichdefine user permissionsD. Share points are set when connection is established, therefore the static nature of file permissions canconflict with share

27、points if they are not set with read and write permissions for everyone.Answer: B40Michel wants to write a computer virus that will cripple UNIX systems. What is going to be the mainobstacle preventing him from success?A. UNIX computers are extremely difficult to access illicitly over the internet,

28、and therefore computerviruses are not an issue with UNIX systemsB. Due to the file permission structure and the number of variations in the UNIX hardwarearchitectures, a virus would have to gain root privileges as well as identify the hardware and UNIXflavor in use.C. Due to availability of effectiv

29、e free anti-virus tools, computer viruses are caught early and often.Michels virus would have to evade detection for it to succeed.D. Due to the extensive use of ANSI C in the programming of UNIX, the virus would have to mimicsome of the source code used in the infected iteration of the UNIX operati

30、ng systemAnswer: B41Under the level C2 security classification, what does discretionary access control mean?A. Discretionary access control means that the owner of a resource must be able to use that resourceB. Discretionary access control is the ability of the system administrator to limit the time

31、 any userspends on a computerC. Discretionary access control is a policy that limits the use of any resource to a group or a securityprofileD. Discretionary access control is a rule set by the security auditor to prevent others from downloadingunauthorized scripts or programs.Answer: A42终端安全管理目标：规范支撑系统中终端用户的行为，降低来自支撑系统终端的安全威胁，重点解决以下问题（）。A、终端接入和配