2020 National Information Security Level Examination NISP Level 1 (Mock 3)
NISP Level One Multiple Choice Questions (latest) (2 points for each question, 50 questions in total, 100 points in total, 60 passing)
DES is a block algorithm that uses key encryption. Its full English name is ()
A.Data Encryption Standard;B.Dynamic Encryption Standard;C.Dynamic Ellipse System;D.Digital Ellipse System
The correct answer is: A Your answer is: A Score for this question: 2
CIDF (Common Intrusion Detection Framework) is committed to standardizing intrusion detection, its full name is ()
A. General intrusion detection framework; B. Intrusion detection data standard draft; C. Security component interaction protocol; D. Intrusion detection interface standard protocol
The correct answer is: A Your answer is: A Score for this question: 2
SQL is a standard language used for database access, with functions such as query, update, and database management. The full English name is ()
A.Structured Query Language;B.Standard Query Language;C.Security Query Language;D.Standard Query Layer
The correct answer is: A Your answer is: A Score for this question: 2
IP refers to the protocol for interconnection between networks, its full name is ()
A. Internet Positon; B. Internet Protocol; C. Image Protocol; D. The above are not correct
The correct answer is: B Your answer is: B Score for this question: 2
OSI calls the unit of data exchanged between layers SDU, and the Chinese name of SDU is ()
A. Signal data unit; B. Protocol data unit; C. Service data unit; D. Interface data unit
The correct answer is: C Your answer is: C Score for this question: 2
The following are not the source of database risk ()
A. Super management user sa; B. User assigned authority is too small; C. Too many network protocols are enabled; D. The database uses the default port
The correct answer is: B Your answer is: B Score for this question: 2
RIP is a distributed routing protocol based on distance vector, its full English name is ()
A.Routing Information Protocol;B.Routing Informercial Protocol;C.Routine Information Protocol;D.Routine Informercial Protocol
The correct answer is: A Your answer is: A Score for this question: 2
A warehouse that organizes, stores, and manages data according to a data structure is called a database. In a transaction-supporting database, after the transaction is completed, the changes made by the transaction to the database will be persistently stored in the database, which reflects the database. A nature?
A. Consistency; B. Persistence; C. Atomicity; D. Isolation
The correct answer is: B Your answer is: B Score for this question: 2
As cybersecurity threats become increasingly prominent, people pay more and more attention to cybersecurity, including providing security protection measures to () in the network environment
A. Information processing and transmission; B. Information storage and access; C. Information carrier; D. All of the above
The correct answer is: D Your answer is: D Score for this question: 2
The logs are divided into application logs, security logs and system logs. Which of the following are not security logs?
A. SQL Server database program backup set log; B. Log in to the system successfully; C. Delete system files; D. Create system files
The correct answer is: A Your answer is: A Score for this question: 2
Which of the following are network security devices?
A. Router; B. Switch; C. Hub; D. Firewall
The correct answer is: D Your answer is: D Score for this question: 2
Network security equipment is a facility to protect network security. Which of the following is not a security device?
A. Firewall //Firewall; B. Virtual Private Network //VPN Network; C. WEB Application Firewall //Waf; D. Camera
The correct answer is: D Your answer is: D Score for this question: 2
Apache has a built-in function to record server activities. Which of the following statements about Apache server logs is correct?
A. Its logs are roughly divided into two categories: access logs and error logs; B. Its logs are roughly divided into three categories: access logs, error logs, and warning logs; C. Its logs are only access logs; D. Its logs are only error logs
The correct answer is: A Your answer is: A Score for this question: 2
A database is a warehouse that stores management data according to a data structure. Which of the following statements about the database is incorrect?
A. Generally use the transaction work model to run; B. All users can access the data in the database at the same time; C. Oracle, Sqlserver, and Apache are all databases; D. The databases all have transaction logs
The correct answer is: C Your answer is: C Score for this question: 2
Database transaction refers to a series of operations performed by a single logical unit. Which of the following statements about transactions is incorrect?
A. When the transaction is completed, all data must be kept in a consistent state; B. The transaction must meet the atomicity, and the encapsulated operations must be done or not done at all; C. The transaction management system guarantees the concurrent execution of multiple transactions to meet ACID features; D. The database does not have to have transaction logs
The correct answer is: D Your answer is: D Score for this question: 2
FTP is the abbreviation of File Transfer Protocol. What is wrong in the following description of FTP?
A. It is a set of standard protocols used for file transmission on the network; B. It uses client/server working mode; C. It has only one transmission mode; D. It is used for two-way transmission of control files on the Internet
The correct answer is: C Your answer is: C Score for this question: 2
There are many ways to collect system logs. Which of the following are methods of collecting system logs in text mode?
A. Multimedia voice; B. WeChat; C. Mail; D. Telephone
The correct answer is: C Your answer is: C Score for this question: 2
Which of the following statements about Web Service is wrong?
A. It is a Web application; B. It cannot be cross-platform; C. It can be described using open XML standards; D. It is open
The correct answer is: B Your answer is: B Score for this question: 2
What is wrong with the following description of XML?
A. It cannot realize the integrated management of various data; B. XML strictly defines the portable structured data; C. It has self-description, scalability, hierarchy, and information interoperability among heterogeneous systems, etc. Features; D.XML is a data exchange standard in the heterogeneous Internet environment
The correct answer is: A Your answer is: A Score for this question: 2
The following are one-to-one recursive associations?
A. Refers to a one-to-one relationship between similar objects; B. Refers to multiple entities associated with one entity in different types of objects; C. Refers to a many-to-many relationship among similar entities; D. Refers to similar entities Many-to-one
The correct answer is: A Your answer is: A Score for this question: 2
The following are many-to-many recursive associations ()
A. Refers to the one-to-one relationship between objects of the same type; B. Refers to multiple entities associated with one entity in the same object; C. Refers to the many-to-many relationship among similar entities; D. Refers to the same type The relationship in the entity is many-to-one
The correct answer is: C Your answer is: C Score for this question: 2
The following are one-to-many recursive associations ()
A. Refers to the one-to-one relationship between objects of the same type; B. Refers to the existence of one entity corresponding to multiple entities in the same object; C. Refers to the many-to-many relationship among similar entities; D. Refers to different There is an entity corresponding to multiple entities in the class object
The correct answer is: B Your answer is: B Score for this question: 2
Driven by association rules, the () engine can carry out event association in multiple ways
A. Recursive correlation analysis; B. Event correlation analysis; C. Statistical correlation analysis; D. Time series correlation analysis
The correct answer is: B Your answer is: B Score for this question: 2
() Technology can better understand the correlation analysis of seemingly unrelated but theoretical correlation between devices
A. Recursive correlation; B. Statistical correlation; C. Timing correlation; D. Cross-device event correlation
The correct answer is: D Your answer is: D Score for this question: 2
The following description of database data query is incorrect ()
A. Ordinary conditional query is to query according to known and determined conditions; B. The function of query is to operate in the database through SQL statements; C. Users usually need to query the information of all data rows in the table; D. Fuzzy query It is through some known but not completely certain conditions to query
The correct answer is: C Your answer is: C Score for this question: 2
Computer systems generally have corresponding log recording systems. Among them, the log refers to the collection of certain operations and their operation results in an orderly manner on the objects specified by the system. The following descriptions are incorrect ()
A. It is a collection of "event records" generated by various entities; B. It can record all behaviors generated by the system and express these behaviors according to a certain specification; C. Log information can help the system to troubleshoot Optimize the performance of the system; D. Logs only play a very important role in maintaining system stability
The correct answer is: D Your answer is: D Score for this question: 2
The following problems may appear in the original log information ()
A. Incomplete information; B. IP address error; C. Duplicate records; D. All of the above
The correct answer is: D Your answer is: D Score for this question: 2
Computer systems generally have a corresponding log recording system, and its log file recording has many functions. The following description of the log file recording function is incorrect ()
A. It can provide monitoring system resources; B. It can audit user behavior; C. It can determine the scope of intrusion behavior; D. It cannot provide a source of evidence for computer crimes
The correct answer is: D Your answer is: D Score for this question: 2
What is incorrect in the following description about log normalization ()
A. It normalizes the original logs of different formats into a log with a unified format; B. It reduces the audit efficiency of the log audit system; C. It facilitates the use of log data by other modules; D. It improves Quality of log data
The correct answer is: B Your answer is: B Score for this question: 2
XML is the abbreviation of Extensible Markup Language. The description of it in the following options is incorrect ()
A. It is a markup language used to mark electronic files; B. It has good scalability; C. It has a good structure and restriction mechanism; D. The expression of data is more complicated after being marked by XML
The correct answer is: D Your answer is: D Score for this question: 2
Which of the following is not included in the expression of recursive association?
A. One-to-one recursive association; B. One-to-many recursive association; C. Many-to-many recursive association; D. Zero-to-one recursive association
The correct answer is: D Your answer is: D Score for this question: 2
Which of the following is not included in the log storage format?
A. Text-based format; B. Binary-based format; C. Compressed file-based format; D. PNG-based format
The correct answer is: D Your answer is: D Score for this question: 2
There are a huge number of network security logs. In order to improve the efficiency of the analysis system and report generation, some information is usually stored in a relational database. This information does not include ()
A. Header information; B. Sequence number; C. Message body; D. Analysis and summary
The correct answer is: B Your answer is: B Score for this question: 2
HDFS is the abbreviation of Hadoop Distributed File System and is designed to be suitable for running on general-purpose hardware. The following description is incorrect ()
A. The scalability of HDFS is very weak; B. It is a distributed file system implemented by Hadoop; C. HDFS meets the needs of ultra-large data sets; D. HDFS supports streaming data access
The correct answer is: A Your answer is: A Score for this question: 2
The operating system is the interface between the user and the computer, as well as the interface between computer hardware and other software. Which of the following options is not a computer operating system ()
A.Windows;B.Linux;C.Unix;D.Https
The correct answer is: D Your answer is: D Score for this question: 2
Which of the following options is not a measure to reduce vulnerabilities during the implementation phase of the Security Development Lifecycle (SDL)?
A. Use specified tools; B. Abandon unsafe functions; C. No parameter checking; D. Static analysis
The correct answer is: C Your answer is: C Score for this question: 2
The goal of the Software Assurance Maturity Model (SAMM) is ()
A. Create clearly defined and measurable goals; B. Any business involving software development; C. Can be used for small, medium and large organizations; D. All of the above
The correct answer is: D Your answer is: D Score for this question: 2
The following description of the comprehensive lightweight application security process (CLASP) is wrong ()
A.CLASP includes 30 specific activities and auxiliary resources; B.CLASP can be used in conjunction with a variety of software development models; C.CLASP's security activities must be arranged based on the access list; D.CLASP's security activities and execution sequence The choice is open
The correct answer is: C Your answer is: C Score for this question: 2
The following description of the security requirements analysis process is wrong ()
A. Requirement analysis is a continuous process that spans the entire project life cycle; B. Software security requirements analysis requires a systematic investigation process; C. Security requirements analysis is a once-and-for-all process; D. Probability statistics can be used for analysis System vulnerabilities and security threats
The correct answer is: C Your answer is: C Score for this question: 2
The following description of the SQUARE process model is wrong ()
A. When using the SQUARE process model, the safety development process of the software project does not need to consider its operating environment; B. When the project changes, the SQUARE process model should be re-applied to analyze the safety requirements; C. A unified definition is the primary condition of safety requirements engineering; D. Both dedicated inspection methods and peer review can be used to check security requirements
The correct answer is: A Your answer is: A Score for this question: 2
The following description of the safety-critical unit is wrong ()
A. Safety-critical unit errors may lead to potential serious dangers to the system; B. Safety-critical units include units that generate autonomous control signals for hardware; C. Safety-critical timing units can be controlled by programs and modified at will; D. Safety-critical The unit is controlled by at least two independent units
The correct answer is: C Your answer is: C Score for this question: 2
In the following description of the dangerous modeling process, what is wrong ()
A. Threat modeling helps to reduce the attack surface of the software; B. Threat modeling can be done at one time without repeating it; C. Threat modeling is a risk management model; D. Threat modeling is in the software life cycle Will be involved in the requirements design stage
The correct answer is: B Your answer is: B Score for this question: 2
Common technical means to mitigate threats do not include ()
A. Verify system input; B. Increase the attack surface; C. Perform fuzz testing; D. Use access control methods
The correct answer is: B Your answer is: B Score for this question: 2
Buffer overflow, as a more common and more harmful vulnerability, exists widely in various operating systems and application software. The description of the error in the following options is ()
A. Buffer is a set of memory units with consecutive addresses for storing data; B. Buffer overflow can be found in the software development and testing stage; C. Not all buffer overflows will cause software vulnerabilities; D. Famous heart Bleeding vulnerability is a buffer vulnerability
The correct answer is: B Your answer is: B Score for this question: 2
As a computer programming language, C language is widely used. The description of the following options is wrong ()
AC language is an object-oriented development language; BC language has a powerful ability to manipulate memory; CC language can be used in fields such as operating systems, browsers, and embedded development; DC language has powerful underlying operating capabilities
The correct answer is: A Your answer is: A Score for this question: 2
As a computer programming language, Java is very powerful. The following are not the characteristics of Java ()
A. Cross-platform; B. Multithreading; C. Process-oriented; D. Object-oriented
The correct answer is: C Your answer is: C Score for this question: 2
The following description of path traversal, the error is ()
A. Path traversal vulnerabilities allow attackers to access restricted directories and obtain system files and server configuration files; B. Web servers provide security mechanisms for access control lists and root directory access; C. Use GET or POST request methods Get input; D. Path traversal loopholes are not harmful
The correct answer is: D Your answer is: D Score for this question: 2
The hash algorithm is considered safe, mainly based on the following two properties?
A. No conflict and irreversibility; B. Conflict and irreversibility; C. Conflict and randomness; D. Random and reversibility
The correct answer is: A Your answer is: A Score for this question: 2
Which of the following options describes the error handling mechanism of the Java language incorrectly ()
A. Another suitable exception can be thrown according to the context of the catch program segment; B. Sensitive information should be filtered during the exception transfer process; C. Try to exit abnormally in the finally program segment; D. When logging Exceptions should be avoided
The correct answer is: C Your answer is: C Score for this question: 2
The description of the Java language thread in the following options is wrong ()
A. Multithreading is one of the characteristics of the Java language; B. Good thread scheduling helps to give full play to the performance of the system; C. All methods in the Thread Group are safe and recommended; D. Calling the start method of Thread can be used Start a new thread
The correct answer is: C Your answer is: C Score for this question: 2