
内容出自:法宣在线题库(www.gongxuke.net)
AnentitydoingbusinessontheInternetmostlikelycoulduseanyofthefollowingmethodstopreventunauthorizedintrudersfromaccessingproprietaryinformation,except:
A、atchprocessing.
B、igitalcertificates.
C、ataencryption.
D、Passwordmanagement.
正确答案:公需科目题库搜索
答案解析:CPA-06631ExplanationChoice”a”iscorrect.Anorganization’suseofbatchprocessinghasnoeffectonunauthorizedaccesstoproprietaryinformation.Batchprocessingisaprocessingmethodology,notasecuritymeasure.Batchproc
Useraccountsarethefirsttargetofahackerwhohasgainedaccesstoanorganization’snetwork.Whichofthefollowingisatruestatementwhenmaintaininguseraccessaccounts?
A、Theremustbeamechanismtodisableaccountsshouldrelationsendbetweentheorganizationandanyofitsemployees.
B、NoprivilegesshouldbegranteduntilauthorizationiscompletedbyHumanResourcesandtheITSecurityOfficer.
C、lloftheanswerchoicesarecorrect.
D、Itisimportanttohaveproceduresinplacetoaddresspromotionsandlateralmoves.
正确答案:公需科目题库搜索,法宣在线帮手薇Xin(xzs9529)
答案解析:CPA-06387ExplanationChoice”c”iscorrect.Allofthestatementsarecorrect.Useraccountsarethefirsttargetofahackerwhohasgainedaccesstoanorganization’snetwork.Consequently,itisimportanttohaveproceduresinplacet
Whichofthefollowingisnotconsideredasecuritypolicysupportingdocument?
A、Regulations.
B、orporateculture.
C、Standardandbaselines.
D、Procedures.
正确答案:公需科目题库搜索
答案解析:CPA-06456ExplanationChoice”b”iscorrect.Corporatecultureisgenerallynotadocumentbutinsteaddefinesthemutuallyunderstoodmannerinwhichacompanydoesbusiness.Whilecorporatecultureiscompatiblewithsecuritypolic
IfFriday’sfileisdestroyed,anewFridayfilecanbereproducedbyusingtheFridaytransactionfile(whichisstoredseparately)andThursday’sfile.Thebackupconceptthatservesasthefoundationforthisprocessisoftencalled:
A、riticalApplicationBackup.
B、Son-Father-GrandfatherConcept.
C、iskOnlyBackup.
D、ackupsofSystemsThatDoNotShutDown.
正确答案:公需科目题库搜索
答案解析:CPA-06386ExplanationChoice”b”iscorrect.TheSon-Father-Grandfatherconceptdescribesthisbackupfilesystem.Themostrecentfileiscalledtheson,thesecondmostrecentfileiscalledthefather,andtheprecedingfileiscalle
Whichofthefollowingisnotatruestatementofuseraccess?
A、Useraccountsareoftenthefirsttargetofahackerwhohasgainedaccesstoanorganization’snetwork.
B、InvolvementofanInformationSecurityOfficermaydependuponthelevelofsecuritygrantedtoanaccount.
C、HumanResourcesandInformationTechnologyshouldcoordinatetomonitorchangesinpositionandtherebycontroluseraccess.
D、TheInformationOfficerdoesnotneedtoknowaboutpositionpromotions,demotions,orlateralmoves.
正确答案:公需科目题库搜索
答案解析:CPA-06454ExplanationChoice”d”iscorrect.Theinformationofficerneedstoknowaboutpositionpromotions,demotionsorlateralmoves.Fromaproductivitystandpoint,itisimportanttohaveproceduresinplacetoaddresspromotio
WhichofthefollowingistrueregardingPublicKeyInfrastructure(PKI)?
A、PKIincludesa”treeoftrust”that’scheckedeachtimeacertificateispresentedasproofofone’sidentity.
B、PKIreferstothesystemandprocessesusedtoissueandmanageasymmetrickeysanddigitalcertificates.
C、PKIassumesasymmetricencryptiontocreatelegally-bindingelectronicdocuments.
D、PKIisintendedfore-businessuseandistypicallyavailablethroughcommercialcertificateauthorities.
正确答案:公需科目题库搜索
答案解析:CPA-06453ExplanationChoice”b”iscorrect.Publickeyinfrastructurerepresentsthemechanismsusedtoissuekeysanddigitalcertificates.Choice”d”isincorrect.Digitalcertificatesareavailablethroughcommercialcertific
Whichofthefollowingisthestepwheretheintendedrecipientconvertstheciphertextintoplaintext?
A、igitalcertificates.
B、ecryptionordecipherment.
C、PKI.
D、ncryption.
正确答案:公需科目题库搜索
答案解析:CPA-06385ExplanationChoice”b”iscorrect.Decryptionordeciphermentisthestepwheretheintendedrecipientconvertstheciphertextintoplaintext.Choice”d”isincorrect.Encryptioninvolvesusingapasswordoradigitalkeyto
Whenaclient’saccountspayablecomputersystemwasrelocated,theadministratorprovidedsupportthroughadial-upconnectiontoaserver.Subsequently,theadministratorleftthecompany.Nochangesweremadetotheaccountspayab
A、Managementproceduresforuseraccountsarenotdocumented.
B、Securitylogsarenotperiodicallyreviewedforviolations.
C、Userpasswordsarenotrequiredtobeinalpha-numericformat.
D、Useraccountsarenotremoveduponterminationofemployees.
正确答案:公需科目题库搜索
答案解析:CPA-06630ExplanationChoice”d”iscorrect.Useraccountsshouldimmediatelybedisabledorremoveduponterminationofanyemployee.Enabledaccountsforterminatedemployeespresentagreatsecurityrisksincetheyallowunauthor
HideItCompanyusesdataencryptionforcertainkeydatainitsapplicationsystems.Whichofthefollowingstatementsiscorrectwithrespecttodataencryption?
A、Inasymmetricencryption,apublickeyisusedtoencryptmessages.Thesamepublickeyistransmittedalongwiththemessageandisusedtodecryptthemessageattheotherend.
B、ataencryptionisbasedontheconceptofkeys.Withdataencryption,thesophisticationoftheencryptionalgorithmisimportantandthelengthofthekeyisnotsignificant.
C、Symmetricencryptiontechniquesaremuchmorecomputationallyintensivethanasymmetricencryptiontechniques.
D、Inasymmetricencryption,apublickeyisusedtoencryptmessages.Aprivatekeyisnormallyusedtodecryptthemessageattheotherend.
正确答案:公需科目题库搜索
答案解析:CPA-06446ExplanationChoice”d”iscorrect.Inasymmetricencryption,apublickeyisusedtoencryptmessages.Aprivatekey(whichisnevertransmitted)isusedtodecryptthemessageattheotherend.Therearetwokeys.Effectively,a
Passwordsaredesignedtoprotectaccesstosecuresitesandinformation.Whichofthefollowingisincorrect?
A、Passwordsaregenerallymoreeffectivewhentheyarelonger.
B、Passwordsshouldbechangedevery90days.
C、lternatingbetweenaminimumofthreetofivepasswordsprovidesoptimalprotection.
D、Passwordsaregenerallymoreeffectivewhentheyarecomplexpasswords(e.g.,combinationsof:uppercasecharacters,lowercasecharacters,numericcharacters,andASCIIcharacters(e.g.,!,@,#,USD,%,^,&,*,or?).
正确答案:公需科目题库搜索
答案解析:CPA-06444ExplanationChoice”c”iscorrect.TheNSA(NationalSecurityAgency)recommendsthatpasswordreuseoftheprevious24passwordsberestricted.Thegoalistopreventusersfromalternatingbetweentheirfavoritetwoorthre