1. Please sort the steps of the ISMS implementation process correctly ().
1) Monitor and review phase
2) Maintain and improve phase
3) Establish phase
4) Implement and operate phase
Correct answer: 3-4-1-2
Topic analysis:
2. Please classify the following common information security standards correctly. (Drag picture title)
1. National level protection system (GB) ----------- Chinese standard
2 .TCSEC ------------ International common standard
3 .ITSEC --------- American Standard
4. ISO27001 -------------EU standard
correct answer:
Chinese standard GB
American standard TCSEC
EU standard ITSEC
International standard ISO27001
3. Please sort the anti-DDoS system defense process in the figure below correctly by dragging and dropping
4. Please sort the basic configuration process of the following intrusion prevention features correctly.
Configuring Intrusion Prevention Files 1
Upgrading the Signature Database 2
Verification and Checking 3
Configuring Signatures 4
Correct answer: 2-4-1-3
5. Please sort the following mail filtering process correctly. (Drag picture title)
1. Check the local whitelist
2. RBL remote query
3. Attachment Quantity Control / Attachment Size Control
4. Check the local blacklist
5. Anonymous mail detection/email address check
correct answer:
1-4-2-5-3
Answer analysis:
1. Check the local whitelist
2. Check the local blacklist
3. RBL remote query
4. Anonymous email detection / email address check
5. Attachment quantity control / attachment size control
6. Please sort the following intelligent DNS configuration process correctly. (Drag picture title)
1. Choose to configure single server or multi-server smart DNS function.
2. Turn on the smart DNS function.
3. Configure the source-in and source-out function, and directly use the inbound interface as the outbound interface of the DNS response message.
4. Configure the server mapping (NAT Server) function to map the destination address of the access message from the public network address to the private network address of the Web server.
Correct Answer: 2-1-4-3
7. Please match the following host security functions and their descriptions correctly and drag and drop 
the correct answer: A-2|B-4|C-1|D-5|E-3
8. Please match the following desensitization algorithms correctly
1. The offset increases by a fixed offset value of 1000
2. Replace each record randomly
3. Enumeration generates enumerators that maintain order
4. Hash HMAC-SHA256 hash
5. Tokenize to generate a Token that retains the format
6. Noise plus <20% machine noise
correct answer:
1-2-3-4-5-6
9. Please sort the processing flow of the following intrusion prevention system data flow correctly. (Drag picture question)
Query the exception signature. 1
Find the configuration file corresponding to the signature. 2
query signature filter. 3
Correct answer: 2-1-3
10. Please sort the principles and content of the trapping schemes in the following HiSec solutions correctly (drag picture question)
1. Decoy probes identify scanning behavior
2. Decoy probes induce attack sources to decoys 3.
CIS association analysis, determine threat status
4. Decoy probes report scanning events to decoys
5. Decoys report logs and Dataslow alarms to CIS
6. Attack sources initiate IP and port scanning
7. Attack sources are induced to decoys
8. CIS visualizes the threat
9. The trap records the attack power and obtains the attack payload
Correct answer: 6-1-2-4-7-9-5-3-8
11. Please sort the following DNS transparent proxy processing flow correctly
1. Whether DNS transparent proxy is needed
2. DNS transparent proxy route selection
3. Use the DNS server address bound on the interface to replace the destination address of the DNS request message
4. For the report Do DNS Transparent Proxy Marking
Correct answer: 1-4-2-3
12. Please sort the following APT attack steps correctly.
C&C1
data collection 2
infiltration 3
data transfer 4
internal detection 5
establishment of stagnation point 6
data outbound 7
elevation of authority 8
Correct Answer:
3-1-6-8-5-2-4-7
13. The intrusion prevention signature is used to describe the characteristics of the attack behavior in the network. The firewall detects and prevents the attack by comparing the packet characteristics of the data flow with the intrusion prevention signature. According to the intrusion prevention feature configuration process, drag the left configuration step into the right box ().
1) Configure the intrusion prevention signature
2) Upgrade the intrusion prevention and malicious domain name signature database
3) Verify and check
4) Configure the intrusion prevention file
Correct Answer: 2-1-4-3
14.
Please drag and drop one-to-one correspondence between the specific operation of cloud data migration for the business on the left and the steps of the migration operation on the right. drag and drop
Correct answer: A-1|B-2|C-4|D-3
15. The label on the right is each stage of the safety management system (ISKS), and the label on the left is the specific operation of each stage. The operation corresponds to each stage on the right side. connection
Correct answer: A-3|B-1|C-4|D-2
Answer analysis: 
16. The figure below shows the RBL workflow, please match and drag the content in the serial number correctly
Correct answer: A-4|B-1|C-5|D-2|E-6|F-3