{"msg":"操作成功","code":200,"data":[{"questionId":35,"type":3,"question":"Windows系统默认会生成administration和guest两个账号，两个账号都不允许改名和删除。","score":0.5},{"questionId":5,"type":3,"question":"网络安全事件分为四级：特别重大网络安全事件、重大网络安全事件、较大网络安全事件、一般网络安全事件。","score":0.5},{"questionId":155,"type":1,"question":"下列可以对Windows系统口令进行暴力破解的工具是（）。","options":{"A":"Nessus","B":"NMAP","C":"AppScan","D":"Sqlmap"},"score":0.5},{"questionId":109,"type":3,"question":"某能源公司所使用“数据采集与监视系统”存在高危风险隐患，系统于2019年底已中病毒，但至今仍未清除，且相关安全技术措施履行未能达到法律要求，同时存在网络安全管理制度缺失的情况。针对上述违法行为，公安机关可依法对该司作出行政处罚，并责令其限期改正。","score":0.5},{"questionId":67,"type":1,"question":"下列哪个不属于XSS攻击类型？","options":{"A":"反射型XSS","B":"存储型XSS","C":"DOM型XSS","D":"延时型XSS"},"score":0.5},{"questionId":2,"type":3,"question":" 处理个人信息达到国家网信部门规定数量的个人信息处理者应当指定个人信息保护负责人，负责对个人信息处理活动以及采取的保护措施等进行监督。","score":0.5},{"questionId":29,"type":1,"question":"3DES第一次进行DES加密使用的密钥和第三次加密使用的密钥不一样时，密钥的有效长度是（）位。","options":{"A":"128位","B":"112位","C":"192位","D":"168位"},"score":0.5},{"questionId":4,"type":3,"question":"存储、处理涉及国家秘密信息的关键信息基础设施的安全保护，还应当遵守保密法律、行政法规的规定。","score":0.5},{"questionId":131,"type":3,"question":"域名劫持的常见手法是通过拦截域名解析请求或篡改域名服务器上的数据，使得用户在访问相关域名时返回虚假IP地址或使用户的请求失败。","score":0.5},{"questionId":107,"type":3,"question":"王某搭建一个漏洞发布网站，免费向社会发布系统漏洞、计算机病毒、网络攻击、网络侵入等网络安全信息的，这属于公益事业，不需要向公安机关报备。","score":0.5},{"questionId":57,"type":1,"question":"（）是常用来扫描web应用漏洞的工具。","options":{"A":"AWVS","B":"mimikatz","C":"masscan","D":"proxychain"},"score":0.5},{"questionId":68,"type":1,"question":"（）不是网络本身所存在的缺陷。","options":{"A":"系统漏洞","B":"协议缺陷","C":"后门","D":"软件漏洞"},"score":0.5},{"questionId":24,"type":1,"question":"等级保护建设的流程是（）。","options":{"A":"定级、备案、监督检查、建设整改、等级测评","B":"定级、备案、建设整改、等级测评、监督检查","C":"建设整改、等级测评、监督检查、定级、备案","D":"等级测评、定级、备案、建设整改、监督检查"},"score":0.5},{"questionId":58,"type":1,"question":"请把以下扫描步骤按照正常过程排序。a、根据已知漏洞信息，分析系统脆弱点b、识别目标主机端口的状态(监听/关闭)c、生成扫描结果报告d、识别目标主机系统及服务程序的类型和版本e、扫描目标主机识别其工作状态(开/关机)（）","options":{"A":"acdeb","B":"ebdac","C":"eabdc","D":"beadc"},"score":0.5},{"questionId":154,"type":1,"question":"以下不具备root权限的账号是（）。","options":{"A":"root:x:0:0:root:/root:/usr/bin/bash","B":"ceshi:x:1000:0:ceshi:/home/ceshi:/bin/bash","C":"user:x:0:500:ubuntu:/home/user:/bin/bash","D":"test:x:0:0:test:/home/test:/bin/bash"},"score":0.5},{"questionId":65,"type":1,"question":"使网络服务器中充斥着大量要求回复的信息，消耗带宽，导致网络或系统停止正常服务，这属于（）攻击类型。","options":{"A":"拒绝服务","B":"文件共享","C":"BIND漏洞","D":"远程过程调用"},"score":0.5},{"questionId":117,"type":3,"question":"应定期对员工进行信息安全教育与培训，接入和使用网络和信息系统的第三方人员由其单位进行培训。","score":0.5},{"questionId":78,"type":1,"question":"以下哪项属于对称加密算法（）","options":{"A":"SHA","B":"RSA","C":"MD5","D":"AES"},"score":0.5},{"questionId":172,"type":2,"question":"ACL可以实现（ ）功能。","options":{"A":"提供安全访问","B":"封堵高危端口","C":"提高网络带宽利用率","D":"防止恶意流量入侵","E":"实现网络互通"},"score":1.0},{"questionId":34,"type":3,"question":"中国国家信息安全漏洞共享平台简称为CNVD。","score":0.5},{"questionId":116,"type":3,"question":"ISO 27001标准有助于帮助用户及早确定可能发生的冲击对企业运作造成的威胁，并提供合理的架构有效阻止或抵消不确定事件造成的威胁，保证企业日常业务运行的平稳有序。","score":0.5},{"questionId":176,"type":2,"question":"命令执行漏洞带来的危害有（ ）。","options":{"A":"继承Web服务程序的权限去执行系统命令（任意代码）或读写文件","B":"控制整个网站甚至控制服务器","C":"反弹shell","D":"敏感信息泄露","E":"对服务器造成大流量攻击"},"score":1.0},{"questionId":63,"type":1,"question":"恶意软件中，TrojanHorse是指（）。","options":{"A":"病毒","B":"蠕虫","C":"特洛伊木马","D":"漏洞利用程序"},"score":0.5},{"questionId":25,"type":1,"question":"第三级信息系统测评过程中，关于网络安全的测评，应（），查看重要网段是否采取了技术隔离手段与其他网段隔离。","options":{"A":"访谈网络管理员","B":"访谈机房维护人员","C":"检查边界和网络设备","D":"检查网络设计或验收文档"},"score":0.5},{"questionId":52,"type":3,"question":"Apache的访问日志access_log记录了所有对Web服务器的访问活动。","score":0.5},{"questionId":72,"type":1,"question":"如果系统存在命令执行漏洞，但是没有回显，可以通过（）反弹的方式来解决。","options":{"A":"shell","B":"ctfs","C":"wiki","D":"http"},"score":0.5},{"questionId":118,"type":3,"question":"网闸技术通过一个中间缓冲区来“摆渡”业务数据，这个区域同时连接两个网络。","score":0.5},{"questionId":146,"type":3,"question":"有编辑/etc/passwd文件能力的攻击者可以通过把UID变为0就可以成为特权用户。","score":0.5},{"questionId":28,"type":1,"question":"DES的有效密钥长度为（）。","options":{"A":"64","B":"128","C":"56","D":"112"},"score":0.5},{"questionId":27,"type":1,"question":"密码分析学中，密码分析者知道要破解的密文，还知道一些明文及其相应的密文，这一类攻击称为（）。","options":{"A":"选择明文攻击","B":"唯密文攻击","C":"已知明文攻击","D":"选择密文攻击"},"score":0.5},{"questionId":31,"type":1,"question":"数据安全基于（）。","options":{"A":"算法的保密","B":"密钥的保密","C":"算法和密钥同时保密","D":"以上都不对"},"score":0.5},{"questionId":7,"type":1,"question":" 处理个人信息应当保证个人信息的质量，避免因个人信息（）对个人权益造成不利影响。","options":{"A":"准确、完整","B":"准确、不完整","C":"不准确、完整","D":"不准确、不完整"},"score":0.5},{"questionId":86,"type":1,"question":"公司员工可以转发的信息是（）。","options":{"A":"公司已公开发布的信息","B":"部门内部会议纪要","C":"供应商或客户提供给你的项目合作相关资料","D":"公司项目组提供给合作供应商或客户的资料"},"score":0.5},{"questionId":125,"type":3,"question":"业务连续性管理过程中应包含信息安全，也就是要考虑信息安全的连续性。","score":0.5},{"questionId":134,"type":3,"question":"公共场所提供的WiFi上网服务，应当具备实名认证、日志留存等安全保护技术措施。","score":0.5},{"questionId":135,"type":3,"question":"大量敏感信息存储在数据库中，数据脱敏是防止数据泄漏的安全措施之一。","score":0.5},{"questionId":101,"type":1,"question":"文件包含漏洞分为本地文件包含漏洞和（）。","options":{"A":"网络文件包含漏洞","B":"系统文件包含漏洞","C":"网站文件包含漏洞","D":"远程文件包含漏洞"},"score":0.5},{"questionId":159,"type":1,"question":"（ ）不是交换机端口安全管理的方法。","options":{"A":"Port Security","B":"802.1X","C":"VLAN","D":"DHCP Snooping"},"score":0.5},{"questionId":39,"type":3,"question":"操作系统识别可以分为主动识别和被动识别。","score":0.5},{"questionId":162,"type":1,"question":"在TCP/IP协议中，由于TCP协议提供可靠的连接服务，于是采用有保障的（　） 来创建一个TCP连接；由于TCP连接是全双工的，因此每个方向都必须单独进行关闭，采用（　） 来断开TCP连接","options":{"A":"三次握手 四次挥手","B":"四次握手 四次挥手","C":"三次挥手 四次握手","D":"三次握手 三次挥手"},"score":0.5},{"questionId":160,"type":1,"question":"下列关于WEP（Wired Equivalent Privacy）加密算法的说法，正确的是（ ）。","options":{"A":"WEP使用128位的密钥进行加密","B":"WEP加密方式易受攻击","C":"WEP使用RSA算法进行加密","D":"WEP加密方式比WPA更为安全"},"score":0.5},{"questionId":161,"type":1,"question":"（ ）命令可以打开 Linux 审计功能。","options":{"A":"auditd","B":"iptables","C":"syslogd","D":"sshd"},"score":0.5},{"questionId":173,"type":2,"question":"在IPSec中，( )是两个通信实体经过协调建立起来的一种协定，觉得用来保护数据包安全的IPSec协议、密码算法、密钥等信息","options":{"A":"ESP","B":"SPI","C":"SA","D":"SP"},"score":1.0},{"questionId":21,"type":2,"question":"网络攻击事件包括（）。","options":{"A":"拒绝服务攻击事件","B":"停电事件","C":"漏洞攻击事件","D":"网络钓鱼事件"},"score":1.0},{"questionId":23,"type":1,"question":"网络安全等级保护访问控制增强要求是（）。","options":{"A":"建立存储系统安全管理员的身份标识与鉴别策略、权限分配策略及相关操作规程","B":"具备数据分布式存储访问安全审计能力","C":"建立面向大数据应用的安全控制机制","D":"建立数据存储安全主动防御机制或措施"},"score":0.5},{"questionId":37,"type":3,"question":"XSS跨站脚本漏洞主要影响的是客户端浏览用户。","score":0.5},{"questionId":149,"type":1,"question":"在Windows中，以下不符合账户安全策略的是（）。","options":{"A":"强制密码历史不小于5个","B":"修改默认管理员Administrator为Admin","C":"禁用来宾账户","D":"密码长度最小值不小于10"},"score":0.5},{"questionId":13,"type":1,"question":"各省（区、市）、各部门（）至少组织一次预案演练，并将演练情况报中央网信办。","options":{"A":"每季度","B":"每半年","C":"每年","D":"每两年"},"score":0.5},{"questionId":143,"type":3,"question":"ASLR（地址随机分布）在一定程度上减少了缓冲区溢出攻击。","score":0.5},{"questionId":179,"type":2,"question":"现有的未知漏洞检测技术有（ ）。","options":{"A":"源代码扫描","B":"反汇编扫描","C":"环境错误注入","D":"通过操作系统版本号扫描","E":"通过服务器版本号扫描"},"score":1.0},{"questionId":98,"type":1,"question":"针对演习过程中存在的风险，应制定相应的（）计划，以保证演习时生产系统能回退到正常状态。","options":{"A":"风险","B":"应急","C":"回退","D":"保障"},"score":0.5},{"questionId":64,"type":1,"question":"CSRF攻击对象为应用程序的其他用户，属于（）漏洞。","options":{"A":"服务端","B":"客户端","C":"平台层","D":"代码层"},"score":0.5},{"questionId":93,"type":1,"question":"访问控制能够有效地防止对资源的非授权访问，一个典型的访问控制规则不包括（）。","options":{"A":"主体","B":"客体","C":"操作","D":"认证"},"score":0.5},{"questionId":137,"type":3,"question":"ACK Flood攻击的原理是指攻击者利用僵尸网络等手段发送大量的ACK报文，带有超大载荷的ACK Flood攻击，会导致链路拥塞。更高数量的ACK Flood会造成服务器网卡中断频率过高，负载过重而停止响应。","score":0.5},{"questionId":178,"type":2,"question":"以下属于交换机防ARP欺骗攻击有效安全策略的是（ ）。","options":{"A":"免费ARP报文主动丢弃","B":"发送ARP免费报文","C":"VPLS网络中ARP代理","D":"DHCP触发ARP学习","E":"禁止自动学习"},"score":1.0},{"questionId":90,"type":1,"question":"下列攻击方式中，既属于身份冒领，也属于IP欺骗的是（）","options":{"A":"目录遍历","B":"ARP攻击","C":"网页盗链","D":"溢出攻击"},"score":0.5},{"questionId":157,"type":1,"question":"关于脱壳，下列哪个软件可以用于分析程序是否加壳？","options":{"A":"Process Monitor","B":"File Monitor","C":"PEiD","D":"burp suite"},"score":0.5},{"questionId":169,"type":2,"question":"下面关于Webshell的描述，说法错误的是（ ）。","options":{"A":"Webshell是一个木马后门","B":"攻击者入侵后，会将Webshell脚本放在系统账户文件夹下","C":"防火墙可以拦截Webshell","D":"Webshell会在网站的Web日志中留下一些数据记录","E":"利用Webshell对服务器控制后，可以上传下载文件、查看数据库、执行任意程序命令等"},"score":1.0},{"questionId":53,"type":3,"question":"Nginx日志不支持用户自定义输出内容。","score":0.5},{"questionId":145,"type":3,"question":"umask是用户创建文件或目录的初始权限设置值，一般可以设置为777。","score":0.5},{"questionId":19,"type":2,"question":"根据《网络安全法》的规定，任何个人和组织（）。","options":{"A":"不得提供专门用于从事侵入网络、干扰网络正常功能等危害网络安全活动的程序","B":"明知他人从事危害网络安全的活动的，不得为其提供技术支持","C":"不得从事非法侵入他人网络、干扰他人网络正常功能等危害网络安全的活动","D":"明知他人从事危害网络安全的活动的，可以为其进行广告推广"},"score":1.0},{"questionId":82,"type":3,"question":"区块链中，每个区块的区块头均封装有前一个区块的哈希码，这个机制就确保了区块数据不可篡改的技术特征。","score":0.5},{"questionId":22,"type":3,"question":"国家建立网络安全监测预警和信息通报制度。国家网信部门应当统筹协调有关部门加强网络安全信息收集、分析和通报工作，有关部门应该分别发布网络安全监测预警信息。","score":0.5},{"questionId":156,"type":1,"question":"关于Cookie的HttpOnly属性，其作用是（）。","options":{"A":"防止SQL注入","B":"防止目录浏览","C":"防止XSS攻击","D":"防止CSRF攻击"},"score":0.5},{"questionId":70,"type":1,"question":"使网络服务器中充斥着大量要求回复的信息，消耗带宽，导致网络或系统停止正常服务，这属于（）攻击。","options":{"A":"拒绝服务","B":"文件共享","C":"BIND漏洞","D":"远程过程调用"},"score":0.5},{"questionId":6,"type":3,"question":"运营者或网络产品和服务提供者认为审查人员有失客观公正，或未能对审查工作中获悉的信息承担保密义务的，可以向网络安全审查办公室或者有关部门举报。","score":0.5},{"questionId":163,"type":1,"question":"Nginx的日志记录中，（ ）将日志分割为多个文件。","options":{"A":"使用logrotate命令 ","B":"在Nginx配置文件中设置多个access_log指令 ","C":"在Nginx配置文件中设置多个log_format指令 ","D":"使用系统的日志分割功能"},"score":0.5},{"questionId":40,"type":3,"question":"Linux系统不可以利用于环境变量提权。","score":0.5},{"questionId":56,"type":1,"question":"哪种类型的攻击是通过发送恶意电子邮件或链接来欺骗用户揭示敏感信息或安装恶意软件的","options":{"A":"电子邮件攻击","B":"零日攻击","C":"社会工程攻击","D":"拒绝服务攻击"},"score":0.5},{"questionId":18,"type":1,"question":"《数据安全法》从（）为执行者设定了合规的要求。","options":{"A":"信息保护角度","B":"数据保护角度","C":"信息安全角度","D":"数据与安全的角度"},"score":0.5},{"questionId":112,"type":3,"question":"加壳过程中不会改变程序代码段的相对虚拟地址。","score":0.5},{"questionId":124,"type":3,"question":"《信息安全风险评估指南》中规定了安全风险的计算方法，R=f(A,V,T)=f(Ia,L(Va,T))，我们需要针对每一个脆弱性，识别可能利用此脆弱性造成安全事件的威胁。","score":0.5},{"questionId":147,"type":3,"question":"在Windows服务器上安装杀毒软件将影响系统性能，因此只要外部防病毒措施做好，无需安装防病毒软件。","score":0.5},{"questionId":129,"type":3,"question":"计算机信息系统包括计算机、网络设备、通信设备、自动化控制设备等，智能手机不属于计算机信息系统。","score":0.5},{"questionId":14,"type":1,"question":"违反《网络安全法》规定，从事危害网络安全的活动并受到刑事处罚的人员，（）不得从事网络安全管理和网络运营关键岗位的工作。","options":{"A":"终身","B":"十年之内","C":"一年之内","D":"五年之内"},"score":0.5},{"questionId":42,"type":3,"question":"Nmap软件工具可以实现安全漏洞扫描。","score":0.5},{"questionId":122,"type":3,"question":"网络安全域是由连接具有相同安全等级的计算域和（或）用户域组成的网络域。","score":0.5},{"questionId":151,"type":1,"question":"工业控制系统信息安全需求，优先级从高到低次序为（）。","options":{"A":"保密性、完整性、可用性","B":"可用性、完整性、保密性","C":"完整性、可用性、保密性","D":"可用性、保密性、完整性"},"score":0.5},{"questionId":100,"type":1,"question":"Burpsuite中，（）作为拦截HTTP（S）的代理服务器。","options":{"A":"Proxy","B":"Spider","C":"Scanner","D":"Intruder"},"score":0.5},{"questionId":10,"type":1,"question":"关键信息基础设施的运营者应当自行或者委托网络安全服务机构对其网络的安全性和可能存在的风险（）至少进行一次检测评估，并将检测评估情况和改进措施报送相关负责关键信息基础设施安全保护工作的部门。","options":{"A":"三年","B":"两年","C":"每年","D":"四年"},"score":0.5},{"questionId":91,"type":1,"question":"小李在维护信息系统过程中，不小心把操作系统的系统文件删了，这种不安全行为属于（）。","options":{"A":"损坏","B":"滥漏","C":"意外失误","D":"物理损坏"},"score":0.5},{"questionId":16,"type":1,"question":"某网站受到DDoS攻击无法正常为用户提供服务，这破坏了数据的（　）","options":{"A":"完整性","B":"可控性","C":"不可否认性","D":"可用性"},"score":0.5},{"questionId":61,"type":1,"question":"SuperScan和PortScan属于什么类软件（）","options":{"A":"超级漏洞深测","B":"端口扫描","C":"木马入侵","D":"缓冲溢出"},"score":0.5},{"questionId":49,"type":3,"question":"AppScan检测漏洞的类型也非常多，但是检测结束后不能给出详细的检测日志以及修复建议。","score":0.5},{"questionId":69,"type":1,"question":"安全漏洞产生的原因很多，其中口令过于简单，很容易被黑客猜中属于（）。","options":{"A":"系统不稳定","B":"技术实现不充分","C":"系统和软件的设计存在缺陷，通信协议不完备","D":"配置管理和使用不当"},"score":0.5},{"questionId":76,"type":1,"question":"开展渗透测试的第一步是（）","options":{"A":"信号分析","B":"信息收集","C":"数据包过滤","D":"数据包检查"},"score":0.5},{"questionId":97,"type":1,"question":"（）加密算法属于公钥密码算法。","options":{"A":"AES","B":"DES","C":"IDEA","D":"RSA"},"score":0.5},{"questionId":54,"type":1,"question":"黑客通过XSS漏洞获取到QQ用户的身份后，下一步可以进行的操作是（）。","options":{"A":"偷取Q币","B":"控制用户摄像头","C":"劫持微信用户","D":"进入QQ空间"},"score":0.5},{"questionId":1,"type":3,"question":"我国网络安全领域的基础性法律《中华人民共和国网络安全法》正式施行，对保护个人信息、治理网络诈骗、保护关键信息基础设施、网络实名制等方面作出明确规定，成为我国网络空间法治化建设的重要里程碑。","score":0.5},{"questionId":139,"type":3,"question":"在对交换机设备进行常规安全配置中，应配置交换机日志审计，对设备运行情况、网络流量、用户行为等进行记录。","score":0.5},{"questionId":30,"type":1,"question":"（）是PKI公钥基础设施的核心。","options":{"A":"（）是PKI公钥基础设施的核心。","B":"证书/CRL发布系统","C":"密钥管理中心KMC","D":"CA认证机构"},"score":0.5},{"questionId":94,"type":1,"question":"物理安全是整个信息系统安全的前提。以下安全防护措施中不属于物理安全范畴的是（）。","options":{"A":"安装烟感、温感报警系统，禁止工作人员在主机房内吸烟或者使用火源","B":"要求工作人员在主机房内工作时必须穿着防静电工装和防静电鞋，并定期喷涂防静电剂","C":",为工作人员建立生物特征信息库，并在主机房入口安装指纹识别系统，禁止未经授权人员进入主机房","D":"对因被解雇、退休、辞取或其他原因离开信息系统岗位的人员，收回所有相关证件、徽章、密钥和访问控制标记等"},"score":0.5},{"questionId":92,"type":1,"question":"PKI支持的服务不包括（）。","options":{"A":"非对称密钥技术及证书管理","B":"目录服务","C":"对称密钥的产生和分发","D":"访问控制服务"},"score":0.5},{"questionId":148,"type":3,"question":"chmod 744 test命令执行的结果是将test文件的所有者具有读和执行权限，文件所属的组和其它用户有读的权限。","score":0.5},{"questionId":174,"type":2,"question":"一般同一网络内划分三种安全域（）","options":{"A":"外部域","B":"接入域","C":"内部域","D":"网络域","E":"安全域"},"score":1.0},{"questionId":17,"type":1,"question":"网络运营者不履行《网络安全法》关于关键信息基础设施的运行安全规定的网络安全保护义务，拒不改正或者导致危害网络安全等后果的，对直接负责的主管人员处（）。","options":{"A":"处十万元以上一百万元以下罚款","B":"一千元以上五千元以下罚款","C":"处一万元以上十万元以下罚款","D":"五千元以上五万元以下罚款"},"score":0.5},{"questionId":38,"type":3,"question":"SSRF 是一种由攻击者构造请求，由服务端发起请求的安全漏洞。","score":0.5},{"questionId":142,"type":3,"question":"应对交换机、路由器等网络设备设置账号安全策略，对于多次登陆失败的账户进行限制登录或锁定。","score":0.5},{"questionId":12,"type":1,"question":"网络安全法中规定，网络运营者应当制定（ ）,及时处置系统漏洞、计算机病毒、网络攻击、网络侵入等安全风险","options":{"A":"网络安全事件应急演练","B":"网络安全事件应急预案","C":"网络安全事件求救措施","D":"网络安全事件处罚措施"},"score":0.5},{"questionId":126,"type":3,"question":"风险评估形式分为自评估和他评估两大类，通过信息安全风险评估服务机构提供风险评估属于他评估。","score":0.5},{"questionId":170,"type":2,"question":"在首次部署下一代防火墙时，需要注意配置（ ）等系统功能。","options":{"A":"高可用","B":"安全防护","C":"白名单","D":"保护站点","E":"默认过滤规则"},"score":1.0},{"questionId":84,"type":3,"question":"网络隔离技术的主要目标是将有害的网络安全威胁隔离开，以保障数据信息无论在可信网络之内还是之外都可以安全交互。","score":0.5},{"questionId":115,"type":3,"question":"用于银行的金融数据密码机，提供密钥管理及密码运算服务，它属于商用密码产品。","score":0.5},{"questionId":136,"type":3,"question":"社会工程学攻击是利用人性弱点（本能反应、贪婪、易于信任等）进行欺骗获取利益的攻击方法。它是一种永远有效的攻击方法。","score":0.5},{"questionId":20,"type":2,"question":"《网络安全审查办法》所称网络产品和服务主要指（）。","options":{"A":"核心网络设备","B":"高性能计算机和服务器","C":"大容量存储设备","D":"云计算服务","E":"其他对关键信息基础设施安全有重要影响的网络产品和服务"},"score":1.0},{"questionId":45,"type":3,"question":"ip命令的功能和ifconfig类似。","score":0.5},{"questionId":120,"type":3,"question":"某部委国家商用密码算法VPN设备更换项目进行国内公开招标，投标单位需注意投标产品具有《商用密码产品销售许可证》","score":0.5},{"questionId":128,"type":3,"question":"出于网络安全风险防范考虑，对于挖掘出来的漏洞，应当及时向社会公布。","score":0.5},{"questionId":89,"type":1,"question":"下列关于等级保护三级恶意代码防范说法不正确的是（）。","options":{"A":"要求安装恶意代码防范产品","B":"要求支持防范软件的统一管理","C":"主机和网络的恶意代码防范软件可以相同","D":"通过实现恶意代码的统一监控和管理，实现系统的自动升级"},"score":0.5},{"questionId":141,"type":3,"question":"不用特别设置交换机、路由器等基础网络设备的审计日志访问权限，并不影响安全性能。","score":0.5},{"questionId":59,"type":1,"question":"对于文件上传漏洞攻击防范，以下选项错误的是（）。","options":{"A":"检查服务器是否判断了上传文件类型及后缀。","B":"定义上传文件类型白名单，即只允许白名单里面类型的文件上传。","C":"文件上传目录禁止执行脚本解析，避免攻击者进行二次攻击。","D":"关闭文件上传功能"},"score":0.5},{"questionId":132,"type":3,"question":"信息泄露、账户被盗、钓鱼网站威胁、网络攻击、交易行为抵赖等均属于现阶段网络支付面临的安全风险。","score":0.5},{"questionId":133,"type":3,"question":"平台处理自然人自行公开的或者其他已经合法公开的信息,不承担民事责任。","score":0.5},{"questionId":104,"type":3,"question":"弱口令也叫弱密码，通常认为容易被他人猜测到或能够被破解工具破解的密码均为弱口令，具体表现为简单数字组合、顺序字符组合以及临近字符组合等，如abc123等。","score":0.5},{"questionId":55,"type":1,"question":"防止用户被冒名所欺骗的方法是（）","options":{"A":"对信息源发方进行身份验证","B":"进行数据加密","C":"对访问网络的流量进行过滤和保护","D":"采用防火墙"},"score":0.5},{"questionId":46,"type":3,"question":"经过配置，wireshark可以抓取并分析任意的https数据包。","score":0.5},{"questionId":106,"type":3,"question":"入侵检测系统可以分为基于主机分析和基于网络数据包分析两种基本方式","score":0.5},{"questionId":103,"type":1,"question":"下面对 union 的描述正确的是","options":{"A":"任何查询语句都可以用 union 来连接","B":"union 只连接结果集完全一样的查询语句","C":"union 是筛选关键词，对结果集再进行操作","D":"union 可以连接结果集中数据类型个数相同的多个结果集"},"score":0.5},{"questionId":50,"type":3,"question":"在注册表中，二进制是没有长度限制的，可以是任意个字节的长度。","score":0.5},{"questionId":44,"type":3,"question":"Wireshark软件能够进行脚本录制。","score":0.5},{"questionId":165,"type":2,"question":"关于入侵检测和入侵检测系统，下述哪几项是正确的。","options":{"A":"入侵检测收集信息应在网络的不同关键点进行","B":"入侵检测的信息分析具有实时性","C":"基于网络的入侵检测系统的精确性不及基于主机的入侵检测系统的精确性高","D":"分布式入侵检测系统既能检测网络的入侵行为，又能检测主机的入侵行为","E":"入侵检测系统的主要功能是对发生的入侵事件进行应急响应处理"},"score":1.0},{"questionId":110,"type":3,"question":"G公司为某网路终端设备提供定制操作系统，保修期三年，但期间因公司业务调整，已裁撤该操作系统产品线，该公司可停止该产品的安全维护。","score":0.5},{"questionId":108,"type":3,"question":"某科技公司遭受勒索病毒攻击导致系统瘫痪。由于急于恢复系统运作以开展业务，该司在未留存涉案相关日志线索且未及时告知公安机关的情况下，直接进行系统清理和数据恢复工作，导致案发现场遭到破坏，案件线索无法进一步追踪。针对该司未依法留存网络日志达法定时长的违法行为，公安机关可对其作出行政处罚，并责令其限期改正。","score":0.5},{"questionId":114,"type":3,"question":"某单位办公室副主任，为向在外检查工作的分管领导汇报工作，经申请审批流程，可用手机对秘密级文件部分内容进行拍照，并用微信点对点方式发送给在外检查工作的领导。","score":0.5},{"questionId":66,"type":1,"question":"（）不是漏洞扫描工具。","options":{"A":"Winhex","B":"Nessus","C":"Metasploit","D":"X-Scan"},"score":0.5},{"questionId":171,"type":2,"question":"蜜罐的作用包括（）。","options":{"A":"吸引攻击者，以便监测和研究攻击技术","B":"提供额外的网络安全防护层，阻止攻击者进一步侵入网络","C":"欺骗攻击者，使其浪费时间和资源","D":"用作合法网络流量的分析和监测工具","E":"作为主动防御手段，反击攻击者并消耗其资源"},"score":1.0},{"questionId":130,"type":3,"question":"撞库就是黑客利用枚举所有账号密码的方式，去网站或应用程序中尝试登录的行为。","score":0.5},{"questionId":9,"type":1,"question":"根据《网络安全法》的规定，关键信息基础设施的运营者在中华人民共和国境内运营中收集和产生的个人信息和重要数据应当在（）。因业务需要，确需向境外提供的，应当按照国家网信部门会同国务院有关部门制定的办法进行安全评估，法律、行政法规另有规定的，依照其规定。","options":{"A":"境内存储","B":"境外存储","C":"外部存储器储存","D":"第三方存储"},"score":0.5},{"questionId":8,"type":1,"question":"运营者应当自行或者委托网络安全服务机构对关键信息基础设施每年至少进行（）网络安全检测和风险评估，对发现的安全问题及时整改，并按照保护工作部门要求报送情况。","options":{"A":"一次","B":"二次","C":"三次","D":"四次"},"score":0.5},{"questionId":11,"type":1,"question":"网络产品、服务的提供者不得设置（ ）,发现其网络产品、服务存在安全缺陷、漏洞等风险时,应当立即采取补救措施,按照规定及时告知用户并向有关主管部门报告","options":{"A":"恶意程序","B":"游戏程序","C":"计数程序","D":"认证程序"},"score":0.5},{"questionId":74,"type":1,"question":"（）描述的是缓冲区溢出漏洞。","options":{"A":"通过把SQL命令插入到web表单递交或输入域名或页面请求的查询字符串，最终达到欺骗服务器执行恶意的SQL命令","B":"攻击者在远程WEB页面的HTML代码中插入具有恶意目的的数据，用户认为该页面是可信赖的，但是当浏览器下载该页面，嵌入其中的脚本将被解释执行。","C":"当计算机向缓冲区内填充数据位数时超过了缓冲区本身的容量溢出的数据覆盖在合法数据上","D":"信息技术、信息产品、信息系统在设计、实现、配置、运行等过程中，有意或无意产生的缺陷"},"score":0.5},{"questionId":164,"type":2,"question":"常见的逻辑漏洞包括（ ）。","options":{"A":"密码找回","B":"权限绕过","C":"验证码重复使用","D":"跨站脚本","E":"CSRF"},"score":1.0},{"questionId":138,"type":3,"question":"闪存（Flash）属于非易失性存储器，可以反复擦除和重写。","score":0.5},{"questionId":81,"type":1,"question":"发生（）后，磁盘上的物理数据和日志文件被破坏，这是最严重的一种故障，恢复方法是重装数据库，然后重做已完成的事务。","options":{"A":"系统故障","B":"事故故障","C":"介质故障","D":"软件故障"},"score":0.5},{"questionId":43,"type":3,"question":"tcpdump只能捕获网络数据包，不能对其进行分析。","score":0.5},{"questionId":48,"type":3,"question":"OWASP-ZAP可以在windows、linux和mac下运行。","score":0.5},{"questionId":127,"type":3,"question":"某公司信息安全管理体系通过ISO 27001认证，说明其包括建立、实施、操作、监视、复查、维护和改进信息安全等一系列的管理活动。","score":0.5},{"questionId":180,"type":2,"question":"下列软件中，能够进行日志分析的工具有（ ）。","options":{"A":"grep","B":"notepad++","C":"logparser","D":"mspaint","E":"FINDSTR"},"score":1.0},{"questionId":85,"type":3,"question":"文件类病毒一般会藏匿和感染硬盘的引导扇区。","score":0.5},{"questionId":99,"type":1,"question":"一般情况下进行IP伪造时需要修改哪个字段的值？","options":{"A":"User-agent","B":"x-remote-add","C":"X-Forwarded-For","D":"Referer"},"score":0.5},{"questionId":105,"type":3,"question":"目录遍历漏洞是由于网站存在配置缺陷，导致网站目录可以被任意浏览，这会导致网站很多隐私文件与目录泄露，比如数据库备份文件、配置文件等，攻击者利用该信息可以为进一步入侵网站做准备。","score":0.5},{"questionId":62,"type":1,"question":"（）是常用的防范NetBIOS漏洞攻击的方法。","options":{"A":"利用ICP/IP筛选","B":"卸载NetBIOS","C":"绑定NetBIOS与TCP/IP协议","D":"用防病毒软件"},"score":0.5},{"questionId":150,"type":1,"question":"针对“应提供异地实时备份功能，利用通信网络将重要数据实时备份至备份场地”，以下符合标准要求的场景是（）。","options":{"A":"采用双活模式分别在A和B的数据中心部署系统服务器；","B":"系统部署在A机房中，通过网络每天晚上定时将数据同步至B灾备中心；","C":"系统服务器分别部署在公司机房和同城电信机房，并且数据实时同步；","D":"系统服务器在A机房中，每周一次将备份数据通过磁带进行备份，并运输至B灾备中心"},"score":0.5},{"questionId":77,"type":1,"question":"下列方法中（）最能有效地防止不安全的直接对象引用漏洞。","options":{"A":"检测用户访问权限","B":"使用参数化查询","C":"过滤特殊字符","D":"使用token令牌"},"score":0.5},{"questionId":113,"type":3,"question":"徐某利用其编写的程序，在互联网上进行传播，先后感染40000余台计算机，形成Bot Net僵尸网络，并操纵僵尸网络对某电子商务网站发起多次拒绝服务攻击，致使该公司遭受重大经济损失，这属于破坏计算机信息系统罪的行为。","score":0.5},{"questionId":79,"type":3,"question":"SQL Server身份验证模式有Windows身份验证模式与混合验证模式两种。","score":0.5},{"questionId":36,"type":3,"question":"平行越权漏洞高发点包括用户登录、修改/找回密码、根据订单号查询订单、cookie、查看账户消息等可以退回用户信息的接口。","score":0.5},{"questionId":60,"type":1,"question":"SQL注入是一种常用的攻击方法，它的原理是：当应用程序（），就可能产生SQL注入漏洞。","options":{"A":"使用低水平的sq语访问数据库时","B":"使用输入内容来构造动态sql语句以访问数据库时","C":"使用预编译方式来构造动态sql语句以访问数据库时","D":"使用JDBC来访问数据库时"},"score":0.5},{"questionId":51,"type":3,"question":"Windows系统中，Security.evtx文件记录了安全类型的日志信息。","score":0.5},{"questionId":153,"type":1,"question":"关于日志审计安全策略，以下哪一项可以不设置（）？","options":{"A":"用户登录","B":"权限变更","C":"文件访问","D":"账户删除"},"score":0.5},{"questionId":32,"type":3,"question":"渗透测试可以完全保证系统的安全性，因为它可以发现所有漏洞。","score":0.5},{"questionId":75,"type":1,"question":"以下不属于业务罗辑漏洞的是（）。","options":{"A":"越权","B":"数据篡改","C":"重放攻击","D":"ARP欺骗攻击"},"score":0.5},{"questionId":123,"type":3,"question":"信息系统安全工程是一个专业的过程，因此应在信息化建设到一定基础和程度后适时考虑。","score":0.5},{"questionId":166,"type":2,"question":"根据信息安全事件的分级考虑要素，将信息安全事件划（）","options":{"A":"特别重大事件","B":"重大事件","C":"较大事件","D":"一般事件","E":"普通事件"},"score":1.0},{"questionId":158,"type":1,"question":"以下哪一个不是零信任网络主要关注内容（）。","options":{"A":"认证","B":"授权","C":"机密性","D":"可用性"},"score":0.5},{"questionId":71,"type":1,"question":"在文件上传漏洞利用中，对于服务器端文件头内容检测可以利用（）来进行绕过。","options":{"A":"利用服务器的文件解析漏洞","B":"利用文件路径截断","C":"构造图片马","D":"利用HTTP抓包改包"},"score":0.5},{"questionId":102,"type":1,"question":"防止数据库中数据在存储和传输中失密的有效手段是（）。","options":{"A":"用户身份鉴别","B":"存取控制","C":"审计","D":"数据加密"},"score":0.5},{"questionId":47,"type":3,"question":"sqlmap枚举参数中，枚举当前数据库的参数是-dbs。","score":0.5},{"questionId":152,"type":1,"question":"在所有云计算服务模型中，云服务客户将被赋予访问和修改以下哪项内容的能力？","options":{"A":"数据","B":"安全策略","C":"用户权限","D":"操作系统"},"score":0.5},{"questionId":140,"type":3,"question":"基于安全考虑，在进行交换机的安全策略时，可以不限制终端用户的接入方式、网络地址范围等。","score":0.5},{"questionId":87,"type":1,"question":"网站中不想被搜索引擎收录的目录或者文件内容会保存在什么文件中","options":{"A":"index.html","B":"hidden.data","C":"web.config","D":"robots.txt"},"score":0.5},{"questionId":96,"type":1,"question":"关于SSL的描述，不正确的是（）","options":{"A":"SSL协议分为SSL挥手协议和记录协议","B":"SSL协议中的数据压缩功能是可选的","C":"大部分浏览器都内置支持SSL功能","D":"SSL协议要求通信双方提供证书"},"score":0.5},{"questionId":88,"type":1,"question":"包过滤防火墙无法实现下面的（）功能。","options":{"A":"禁止某个IP访问外部网络","B":"禁止某个IP提供对外HTTP服务","C":"禁止访问某个IP的80端口","D":"禁止某个IP使用某个FTP命令"},"score":0.5},{"questionId":144,"type":3,"question":"Linux中/etc/security的目录权限一般应小于等于600。","score":0.5},{"questionId":83,"type":3,"question":"按对明文的处理方式密码可以分为分组密码和单钥密码。 ","score":0.5},{"questionId":168,"type":2,"question":"在Windows Server 2016中，可以设置账户锁定策略，来满足功能和安全性的需求。该策略由（ ）组成。","options":{"A":"账户锁定时间","B":"账户锁定地点","C":"重置账户锁定计数器","D":"账户锁定名称","E":"账户锁定阈值"},"score":1.0},{"questionId":26,"type":1,"question":"关于信息系统安全等级保护第三级的系统运维管理，应对系统相关的人员进行应急预案培训，应急预案的培训至少（）举办一次。","options":{"A":"每季度","B":"每半年","C":"每年","D":"每2年"},"score":0.5},{"questionId":3,"type":3,"question":"运营者的主要负责人对关键信息基础设施安全保护负总责，领导关键信息基础设施安全保护和重大网络安全事件处置工作，组织研究解决重大网络安全问题。","score":0.5},{"questionId":33,"type":3,"question":"常见的渗透测试步骤包括信息收集、漏洞扫描、漏洞利用和维持访问。","score":0.5},{"questionId":80,"type":3,"question":"差异备份是以最近的完整备份为基准。","score":0.5},{"questionId":111,"type":3,"question":"某金融机构在国内运营时，收集和产生的个人信息和重要数据应当在境内存储。因业务需要，确需向境外提供的，应当按照国家网信部门会同国务院有关部门制定的办法进行安全评估。","score":0.5},{"questionId":119,"type":3,"question":"在与互联网隔离的办公内网里，计算机与互联网无法直接相连，操作系统无法在线更新，因此无需考虑打补丁。","score":0.5},{"questionId":73,"type":1,"question":"（ ）是网络通信中标志通信各方身份信息的一系列数据，提供一种在 Internet 上验证身份的方式。","options":{"A":"数字认证","B":"数字证书","C":"电子认证","D":"电子证书"},"score":0.5},{"questionId":175,"type":2,"question":"下列哪些方法可以防御任意文件下载漏洞（ ）。","options":{"A":"限制访问目录，将文件放在Web无法直接访问的目录下","B":"不允许提供目录遍历服务","C":"净化数据","D":"可以将文件路径保存至数据库","E":"禁用上传功能"},"score":1.0},{"questionId":177,"type":2,"question":"修改ICMP报文上送速率为64kbps，丢弃TTL-expired的上送报文，正确配置命令为（ ）：","options":{"A":"car packet-type icmp cir 64","B":"mov packet-type icmp cir 64","C":"deny packet-type ttl-expired","D":"drop packet-type ttl-expired","E":"put packet-type icmp cir 64"},"score":1.0},{"questionId":95,"type":1,"question":"下述（）情况不属于故障恢复系统的处理范围。","options":{"A":"由于逻辑错误造成的事故失败","B":"由于恶意访间造成的数据不一致","C":"由于电源故障导致系统停止运行，从而数据库处于不一致状态","D":"由于磁头损坏或故障造成磁盘块上的内容丢失"},"score":0.5},{"questionId":41,"type":3,"question":"whois可以用来查询域名是否已经被注册，但不能查询注册域名的详细信息。","score":0.5},{"questionId":167,"type":2,"question":"根据评估实施者的不同，将风险评估形式分为（）两大类","options":{"A":"基线评估","B":"自评估","C":"详细评估","D":"第三方评估","E":"系统评估"},"score":1.0},{"questionId":15,"type":1,"question":"李某在办理移动电话入网手续时，未提供真实身份信息，营业厅拒绝为其提供相关服务。对此，下列选项正确的是（）。","options":{"A":"因王某不提供真实身份信息，营业厅不得为其提供相关服务","B":"营业厅不得擅自拒绝为顾客提供服务","C":"办理移动电话入网手续不需用户提供真实身份信息","D":"《网络安全法》未对用户的身份信息有明确规定"},"score":0.5},{"questionId":121,"type":3,"question":"对计算机信息系统中发生的案件，有关使用单位应当在24小时内向当地县级以上人民政府公安机关报告。","score":0.5}]}