【单选题】
A developer needs to create a multi-tier development stack for a home lab. Which vSphere product will support the architecture required for the least software cost? ___
A. vSphere Hypervisor
B. vSphere Essentials
C. VMware Player
D. VMware Workstation
查看试卷,进入试卷练习
微信扫一扫,开始刷题
答案
A
解析
暂无解析
相关试题
【单选题】
An administrator is installing Windows into a virtual machine. The DVD has been mounted on the Host and configured for the virtual machine as shown in the Exhibit. Based on the exhibit, when the virtual machine is booted, why would it attempt to search for a PXE server? ___
A. The CD/DVD device is not connected.
B. The ISO is in the incorrect storage location.
C. The OS minimum requirements have not been met.
D. The CD/DVD device is not set to Client Device.
【单选题】
What component must be installed prior to deploying a vCenter Server in vSphere 6.x? ___
A. vCenter Identity Services
B. Platform Services Controller
C. vCenter Single Sign-On
D. Client Integration Plug-In
【单选题】
What is a valid plug-in status for a plug-in that has been added to a vSphere client? ___
A. Disabled
B. Unknown
C. Stopped
D. Installed
【单选题】
Users of an application are reporting performance issues. The following performance values are observed in the vSphere Web Client: <Host CPU utilization is 90%> <Virtual Machine memory utilization is consistently greater than 90% CPU Ready values are higher than 20%> What could be the cause of the application performance issue? ___
A. The host is lacking the CPU resources required to meet the demand.
B. The host is lacking the memory resources required to meet the demand.
C. The virtual machine is lacking the CPU resources required to meet the demand.
D. The virtual machine is lacking the memory resources required to meet the demand.
【单选题】
An administrator creates an ESXi cluster using vSphere Auto Deploy. The ESXi hosts are configured to get a management IP address from a DHCP server. The administrator needs to troubleshoot the management network on one of the hosts. Which DCUI option should the administrator use to renew the DHCP lease? ___
A. Restart Management Network
B. Restore Network Settings
C. Test Management Network
D. Configure Management Network
【单选题】
An administrator is re-provisioning an ESXi host and moving it to another datacenter. Which DCUI option should the administrator use to revert the system configuration to the default settings? ___
A. Reset System Configuration
B. Rebuild Default System Configuration
C. Revert System Configuration
D. Renew Default System Configuration
【单选题】
An administrator has just completed installing an ESXi 6.x host, but doesn't know what address has been configured. Where is the ESXi host IP address configured? ___
A. RVC console
B. Direct Console User Interface
C. vSphere Web Client
D. vSphere Client
【单选题】
When is it possible to place a VMFS5 datastore in maintenance mode? ___
A. When it is a member of a Storage DRS cluster
B. When it is a member of Virtual SAN cluster
C. When it is a member of a multi-extent datastore
D. When it is a member of a Virtual Volume
【单选题】
Immediately after installing ESXi, an administrator observes that the Configure Lockdown Mode option is grayed out in the Direct Console User Interface (DCUI). What is the most likely explanation? ___
A. The host has not yet been added to a vCenter Server.
B. The BIOS on the host does not have NX/XD enabled.
C. The ESXi host is running in evaluation mode.
D. The host requires a reboot before this feature is available.
【单选题】
Immediately after installing ESXi, an administrator observes that the Configure Lockdown Mode option is grayed out in the Direct Console User Interface (DCUI). What is the most likely explanation? ___
A. The host has not yet been added to a vCenter Server.
B. The BIOS on the host does not have NX/XD enabled.
C. The ESXi host is running in evaluation mode.
D. The host requires a reboot before this feature is available.
【单选题】
Which Single Sign-On deployment mode should an administrator use for two 6.x vCenter Servers configured with linked mode? ___
A. Basic Single Sign-On with vCenter Server Heartbeat
B. Multisite Single Sign-On
C. Basic Single Sign-On
D. Single Sign-On with Linked Mode
【单选题】
What is required when changing a virtual machine name using the vSphere Web Client? ___
A. Verify connectivity to the ESXi host where the virtual machine is running and its inventory list is accessible.
B. Verify in which datastore the virtual machine resides and that you have access and its inventory list is accessible.
C. Verify that virtual machine files are stored in the same datastore and can be accessed in the datastore browser list.
D. Verify the virtual machine is not running in Fault Tolerant mode and that it is not in a Distributed Resource Scheduler cluster.
【单选题】
An administrator deploys vRealize Operations into a vSphere 6.x environment. After the deployment, the administrator notices that badges are not appearing. What is a likely cause of this behavior? ___
A. Badges do not appear until you register vRealize Operations with vCenter Server.
B. Badges do not appear until you register a vCenter Server in vRealize Operations.
C. The vRealize Operations appliance needs to be redeployed.
D. The vCenter Server appliance needs to be redeployed.
【单选题】
How are ports scaled on vSphere Standard Switches (vSS)? ___
A. Ports on a vSS can be dynamically scaled up and down.
B. Ports on a vSS can only be statically scaled up or down.
C. Ports on a vSS can only be dynamically scaled down.
D. Ports on a vSS can only be dynamically scaled up.
【单选题】
A High Availability (HA) cluster is configured to respond to a given number of host failures. The cluster contains virtual machines configured with these settings: VM1 has a 1GHz CPU reservation and no Memory reservation VM2 has a 2GHz CPU reservation and no Memory reservation VM3 has no CPU reservation and no Memory reservation . Given this information, what is the correct slot size for the cluster? ___
A. The CPU Reservation should be set to 32MHz and the memory reservation should be set to 32MB plus memory overhead.
B. The CPU reservation should be set to 1 GHz and the memory reservation should be set to 0MB plus memory overhead.
C. The CPU reservation should be set to 2 GHz, and the memory reservation should be set to 0MB plus the virtual machine memory overhead.
D. The CPU reservation should be set to 2 GHz, and the memory reservation should be set to 32MB, plus the virtual machine memory overhead.
【单选题】
An administrator is planning a vSphere infrastructure with the following specific networking requirements: <The ability to shape inbound (RX) traffic> <Support for Private VLANs (PVLANs)> <Support for LLDP (Link Layer Discovery Protocol)>. What is the minimum vSphere Edition that will support these requirements? ___
A. vSphere Essentials Plus
B. vSphere Standard
C. vSphere Enterprise
D. vSphere
E. nterprise Plus
【单选题】
When you add an ESXi 6.x host to a new Cluster, which vSphere object owns the CPU and Memory resources of the hosts? ___
A. vCenter Server
B. Datacenter
C. Cluster
D. Host
【单选题】
A user is trying to retrieve objects from a SharePoint server and finds the request is taking an excessive amount of time. An administrator tries to isolate the issue and notes the following: Application performance is poor when compared to virtual machines on other hosts. Performance improves when the virtual machine is moved to another host. The virtual machine encounters higher than expected CPU %Ready times. What conclusion can be reached regarding the performance issues for this virtual machine? ___
A. Host Power Management is directly impacting virtual machine performance.
B. The virtual machine has a large number of snapshots.
C. The Path Selection Policy for the storage device is set differently on the affected host.
D. Network I/O control is configured for the portgroup.
【单选题】
A virtual machine template is accidently removed from the vCenter Server Inventory. Which method would be used to recover the template back into the environment?___
A. Use the datastore browser to locate the template, then right click and add the .vmtx file to inventory.
B. Use the datastore browser to locate the template, then right click and add the .vmx file to inventory.
C. Using the Managed Object Browser and adding the template from the ManagedObjectReference:GuestFileManager object.
D. Using the Managed Object Browser and adding the template from the ManagedObjectReference:VirtualDiskManager object.
【单选题】
A vSphere administrator needs to backup a virtual machine that has a Microsoft SQL Server Database installed. Which solution allows for an application quiesce to occur during backup?___
A. VMware vCenter Converter
B. VMware vCenter Site Recovery Manager
C. VMware vSphere Replication
D. VMware vSphere Data Protection Advanced
【单选题】
An administrator is migrating a virtual machine from a Test cluster to a Production cluster. The two environments do not have any shared storage. What is the easiest way to accomplish this task? ___
A. Perform a Storage vMotion.
B. Perform a regular vMotion.
C. Perform a Virtual to Virtual migration.
D. Perform a backup and restore using VMware Data Protection.
【单选题】
An administrator must determine an appropriate backup solution, given these conditions: 50 of the virtual machines are in a resource pool named Finance. 50 of the virtual machines are in a resource pool named QA. Which solution allows an administrator the ability to backup 100 virtual machines? ___
A. Use Snapshot Manager on the vCenter Server to backup the virtual machines.
B. Use the VMware Consolidated Backup (vcb) tool on the ESXi Host to backup the virtual machines.
C. Use the VMware Data Recovery (VDR) Appliance on the vCenter Server to backup the virtual machines.
D. Use the VMware Data Protection (VDP) Appliance on one of the
E. SXi Hosts to backup the virtual machines.
【单选题】
What is a benefit of using Enhanced vMotion Compatibility for an environment? ___
A. EVC masks CPU features to allow compatibility between hosts that are dissimilar.
B. EVC allows for cross platform vMotion to occur.
C. EVC enables Long
D. istance vMotion.
【单选题】
How many Link Aggregation Groups (LAGs) can be configured on a vSphere 6.x Distributed Switch? ___
A. 64
B. 96
C. 128
D. 256
【单选题】
How many Link Aggregation Groups (LAGs) can be configured on a vSphere 6.x Distributed Switch? ___
A. 64
B. 96
C. 128
D. 256
【单选题】
An administrator needs to verify that vMotion operations can be performed in a vSphere data center.What round trip time (RTT) latency is the maximum value that will allow vMotion operations to succeed? ___
A. 50ms RTT
B. 100ms RTT
C. 150ms RTT
D. 200ms RTT
【单选题】
A storage administrator has reported that full utilization of all bandwidth from an ESXi 6.x host is not being seen. In troubleshooting the issue, the Adapter details are shown in the Exhibit. Based on the exhibit, what is cause of the issue? ___
A. The array is not setup to use the correct multipathing policy.
B. There are no virtual machines on the ESXi host.
C. Not all links are used because a path is disabled.
D. Another path needs to be configured.
【单选题】
An administrator is migrating a powered-on virtual machine, as shown in the exhibit. Which option should be selected to perform a Storage vMotion of the VM? ___
A. Change storage only
B. Change VM compute resource only
C. Change both compute resource and storage, changing the compute resource first.
D. Change both compute resource and storage, changing the storage resource first.
【单选题】
An administrator is attempting to enable Storage I/O Control on a datastore, but it is failing. What is the likely reason for this failure? ___
A. The host is connected to a datastore is running on ESX 4.0.
B. The host is connected to a Fibre Channel storage array.
C. The datastore has multiple extents.
D. The datastore is managed by a single vCenter Server.
【单选题】
A mission-critical virtual machine built on vSphere 4.1 needs to be moved to an ESXi 6.x host.Which virtual hardware version is needed to move the virtual machine without upgrading? ___
A. 6
B. 7
C. 10
D. 11
【单选题】
An administrator is analyzing a virtual machine as shown in the Exhibit. What is the current long term risk for this virtual machine? ___
A. The virtual machine may run out of memory before April 27.
B. The virtual machine may continue to function after April 27.
C. The virtual machine has adequate memory configured for operation for the next 120 days.
D. The virtual machine has adequate memory reservation configured for operation for the next 120 days.
【单选题】
An administrator is monitoring a High Availability (HA) and Distributed Resource Scheduler (DRS) enabled cluster and has noticed that virtual machines in the cluster are being migrated without user intervention. Why is this happening? ___
A. The DRS Automation level is set to Fully Automated.
B. The Automation level is set to Automatic.
C. The
D. PM Threshold is set to Aggressive.
【单选题】
An administrator attempts to migrate a suspended virtual machine to a newly deployed vSphere 6.x cluster. The compatibility check fails. What condition could cause this behavior?___
A. The new vSphere 6.x cluster is running Intel CPUs instead of AMD CPUs.
B. A suspended virtual machine cannot be migrated.
C. The hardware virtualization feature of the CPU is not enabled on the new hosts.
D. A vSphere Distributed Switch is required to migrate a suspended virtual machine.
【单选题】
A vSphere administrator has been using vSphere in evaluation mode and now wants to deploy an environment that provides the same features. Which edition of vSphere provides similar functionality to evaluation mode? ___
A. Enterprise Plus
B. Enterprise
C. Standard
D. Essentials
【单选题】
A vSphere administrator has been using vSphere in evaluation mode and now wants to deploy an environment that provides the same features. Which edition of vSphere provides similar functionality to evaluation mode? ___
A. Enterprise Plus
B. Enterprise
C. Standard
D. Essentials
【单选题】
An administrator has just configured the IP address on an ESXi host from the Direct Console User Interface. How can the configuration be validated as correct without any additional tools?___
A. Add the host to vCenter Server and if it works, then all networking settings are ok.
B. Select the Test Management Network option from the DCUI.
C. Connect to the host with the vSphere Client and click the Test Network option.
D. Use PowerCLI to connect to the host and initiate a network test.
【单选题】
An administrator is installing vCenter Server for an environment that has 40 ESXi 6.x Hosts and 150 virtual machines. Which database would meet the minimal requirements needed for this task? ___
A. vFabric Postgres
B. Microsoft SQL Express 2008
C. Microsoft SQL Server 2014
D. Oracle 11g
【单选题】
What is a requirement when enabling a Virtual SAN cluster in an existing High Availability (HA) and Distributed Resource Scheduler (DRS) Cluster? ___
A. Disable DRS and HA before enabling Virtual SAN
B. Enable DRS before enabling Virtual SAN
C. Disable HA before enabling Virtual SAN
D. Enable Storage DRS before enabling Virtual SAN
【单选题】
The vSphere administrator attempts to connect to an ESXi host via an SSH client and receives the following security alert: The vSphere administrator needs to determine whether the RSA key fingerprint shown in the security alert is the fingerprint of the intended ESXi host. Which tool should the vSphere administrator use? ___
A. Direct Console User Interface
B. vSphere Client
C. vSphere Web Client
D. vSphere Management Assistant
【单选题】
An administrator needs to monitor traffic on vSwitches in a vSphere 6.x environment. Which option, if configured, would accomplish this task? ___
A. Forged Transmits
B. MAC Address Changes
C. Promiscuous Mode
D. Notify Switches
推荐试题
【单选题】
电动机变频调速优点有___。
A. 调速范围较大、平滑性高,可实现恒转矩或恒功率调速;
B. 调速范围宽、效率高,可用于大功率电动机;
C. 调速平滑性高、效率高、节能效果明显;
D. 可适用于任何电动机、费用低、节能效果明显。
【单选题】
隔离开关的主要作用是___。
A. 将电气设备与带电的电网隔离,改变运行方式,接通和断开小电流电路;
B. 将电气设备与带电的电网隔离,改变运行方式,接通和断开大电流电路;
C. 将电气设备与带电的电网隔离,接通和断开电流电路;
D. 改变运行方式,接通和断开电流电路,保证有明显的断开点。
【单选题】
01金女士经常通过计算机网络购物,从安全角度看,下面哪项是不好的操作习惯___?
A. 、使用专用上网购物用计算机,安装好软件后不要对该计算机上的系统软件、应用软件进行升级
B. 、为计算机安装具有良好声誉的安全防范软件,包括病毒查杀、安全检查和安全加固方面的软件
C. 、在IE的配置中,设置只能下载和安装经过签名的、安全的ActiveX控件
D. 、在使用网络浏览器时,设置不在计算机中保留网络历史记录和表单数据。
【单选题】
02小王在学习信息安全管理体系相关知识之后,对于建立信息安全管理体系,自己总结了下面四条要求,其中理解不正确的是___
A. 、信息安全管理体系的建立应参照国际国内有关标准实施,因为这些标准是标准化组织在总结研究了很多实际的或潜在的问题后,制定的能共同的和重复使用的规则
B. 、信息安全管理体系的建立应基于最新的信息安全技术,因为这是国家有关信息安全的法律和法规方面的要求,这体现以预防控制为主的思想
C. 、信息安全管理体系应强调全过程和动态控制的思想,因为安全问题是动态的,系统所处的安全环境也不会一成不变的,不可能建设永远安全的系统
D. 、信息安全管理体系应体现科学性和全面性的特点,因为要对信息安全管理设计的方方面面实施较为均衡的管理,避免遗漏某些方面而导致组织的整体信息安全水平过低
【单选题】
03下面有关软件安全问题的描述中,哪项不是由于软件设计缺陷引起的___
A. 、设计了用户权限分级机制和最小特权原则,导致软件在发布运行后,系统管理员不能查看系统审计信息
B. 、设计了采用不加盐(SALT)的SHA-1算法对用户口令进行加密存储,导致软件在发布运行后,不同的用户如使用了相同的口令会得到相同的加密结果,从而可以假冒其他用户登录
C. 、设计了缓存用户隐私数据机制以加快系统处理性能,导致软件在发布运行后,被黑客攻击获取到用户隐私数据
D. 、设计了采用自行设计的加密算法对网络传输数据进行保护,导致软件在发布运行后,被攻击对手截获网络数据并破解后得到明文
【单选题】
04密码学是网络安全的基础,但网络安全不能单纯依靠安全的密码算法,密码协议也是网络安全的一个重要组成部分。下面描述中,错误的是___
A. 、在实际应用中,密码协议应按照灵活性好、可扩展性高的方式制定,不要限制和框住所有的执行步骤,有些复杂的步骤可以不明确处理方式
B. 、密码协议定义了两方或多方之间为完成某项任务而制定的一系列步骤,协议中的每个参与方都必须了解协议,且按步骤执行
C. 、根据密码协议应用目的的不同,参与该协议的双方可能是朋友和完全信任的人,也可能是敌人和互相完全不信任的人
D. 、密码协议(cryptographic protocol),也称安全协议(security protocol),是使用密码学完成某项特定的任务并满足安全需求,其目的是提供安全服务
【单选题】
05某网络安全公司基于网络的实时入侵检测技术,动态监测来自于外部网络和内部网络的所有访问行为,当检测到来自内外网络针对或通过防火墙的攻击行为,会及时响应,并通知防火墙实时阻断攻击源,从而进一步提高了传统的抗击能力,更有效地保护了网络资源,提高了防御体系级别。但入侵检测技术不能实现以下哪种功能:___
A. 、检测并分析用户和系统的活动
B. 、核查系统的配置漏洞,评估系统关键资源和数据文件的完整性
C. 、防止IP地址欺骗
D. 、识别违反安全策略的用户活动
【单选题】
06若一个组织声称自己的ISMS符合ISO/IEC27001或GB/T22080标准要求,其信息安全控制措施通常在以下方面实施常规控制,不包括哪一项___
A. 、信息安全方针、信息安全组织、资产管理
B. 、人力资源安全、物力和环境安全、通信和操作管理
C. 、访问控制、信息系统获取、开发和维护、符合性
D. 、规划与建立ISMS
【单选题】
07随着信息安全涉及的范围越来越广,各个组织对信息安全管理的需求越来越迫切,越来越多的组织开始尝试使用,参考ISO27001介绍的ISMS来实施信息安全管理体系,提高组织的信息安全管理能力,关于ISMS,下面描述错误的是:___
A. 、在组织中,应由信息技术责任部门(如信息中心)制定并颁布信息安全方针,为组织的ISMS建设指明方向并提供总体纲领,明确总体要求。
B. 、组织的管理层应确保ISMS目标和相应的计划得以制定,信息安全管理目标应明确,可度量,风险管理计划应具体,具备可行性
C. 、组织的信息安全目标,信息安全方针和要求应传达到全组织范围内,应包括全体员工,同时,也应传达到客户,合作伙伴和供应商等外部各方
D. 、组织的管理层应全面了解组织所面临的信息安全风险,决定风险可接受级别和风险可接受准则,并确认接受相关残余风险
【单选题】
08王工是某单位的系统管理员,他在某次参加了单位组织的风险管理工作时,发现当前案例中共有两个重要资产:资产A1和资产A2:其中资产A1面临两个主要威胁:威胁T1和威胁T2;而资产A2面临一个主要威胁:威胁T3;威胁T1可以利用的资产A1存在的两个脆弱性:脆弱性V1和脆弱性V2;威胁T2可以利用的资产A1存在的三个脆弱性,脆弱性V3、脆弱性V4和脆弱性V5;威胁T3可以利用的资产A2存在的两个脆弱性:脆弱性V6和脆弱性V7根据上述条件,请问:使用相乘法时,应该为资产A1计算几个风险值___
A. 、2
B. 、3
C. 、5
D. 、6
【单选题】
09在信息安全管理过程中,背景建立是实施工作的第一步。下面哪项理解是错误的___
A. 、背景建立的依据是国家、地区或行业的相关政策、法律、法规和标准,以及机构的使命、信息系统的业务目标和特性
B. 、背景建立阶段应识别需要保护的资产、面临的威胁以及存在的脆弱性并分别赋值,同时确认已有的安全措施,形成需要保护的资产清单
C. 、背景建立阶段应调查信息系统的业务目标、业务特性、管理特性和技术特性,形成信息系统的描述报告
D. 、背景建立阶段应分析信息系统的体系结构和关键要素,分析信息系统的安全环境和要求,形成信息系统的安全要求报告
【单选题】
10ISO9001-2000标准在制定、实施质量管理体系以及改进其有效性时采用过程方法,通过满足顾客要求增进顾客满意。下图是关于过程方法的示意图,图中括号空白处应填写___
A. 、策略
B. 、管理者
C. 、组织
D. 、活动
【单选题】
11Apache HTTP Server(简称Apache)是一个开放源码的Web服务运行平台,在使用过程中,该软件默认会将自己的软件名和版本号发送给客户端。从安全角度出发,为隐藏这些信息,应当采取以下哪种措施___
A. 、不选择Windows平台,应选择在Linux平台下安装使用
B. 、安装后,修改配置文件http.conf中的有关参数
C. 、安装后,删除Apsche HTTP Server源码
D. 、从正确的官方网站下载Apeche HTTP Server,并安装使用
【单选题】
12由于频繁出现软件运行时被黑客远程攻击获取数据的现象,某软件公司准备加强软件安全开发管理,在下面做法中,对于解决问题没有直接帮助的是___
A. 、要求开发人员采用敏捷开发模型进行开发
B. 、要求所有的开发人员参加软件安全意识培训
C. 、要求规范软件编码,并制定公司的安全编码准则
D. 、要求增加软件安全测试环节,尽早发现软件安全问题
【单选题】
13某购物网站开发项目经过需求分析进入系统设计阶段,为了保证用户账户的安全,项目开发人员决定用户登录时除了用户名口令认证方式外,还加入基于数字证书的身份认证功能,同时用户口令使用SHA-1算法加密后存放在后台数据库中,请问以上安全设计遵循的是哪项安全设计原则:___
A. 、最小特权原则
B. 、职责分离原则
C. 、纵深防御原则
D. 、最少共享机制原则
【单选题】
14防火墙是网络信息系统建设中常常采用的一类产品,它在内外网隔离方面的作用是:___
A. 、既能物理隔离,又能逻辑隔离
B. 、既能物理隔离,但不能逻辑隔离
C. 、不能物理隔离,但是能逻辑隔离
D. 、不能物理隔离,也不能逻辑隔离
【单选题】
15有关能力成熟度模型(CMM),错误的理解是___
A. 、CMM的基本思想是,因为问题是由技术落后引起的,所以新技术的运用会在一定程度上提高质量、生产率和利润率
B. 、CMM的思想来源于项目管理和质量管理
C. 、CMM是一种衡量工程实施能力的方法,是一种面向工程过程的方法
D. 、CMM是建立在统计过程控制理论基础上的,它基于这样一个假设,即“生产过程的高质量和在过程中组织实施的成熟性可以低成本地生产出高质量产品”
【单选题】
16分组密码算法是一类十分重要的密码算法,下面描述中,错误的是___
A. 、分组密码算法要求输入明文按组分成固定长度的块
B. 、分组密码算法每次计算得到固定长度的密文输出块
C. 、分组密码算法也称为序列密码算法
D. 、常见的DES、IDEA算法都属于分组密码算法
【单选题】
17Linux系统的安全设置主要从磁盘上分区、账户安全设置、禁用危险服务、远程登录安全、用户鉴别安全、审计策略、保护root账户、使用网络防火墙的文件权限共10个方面来完成。小张在学习了Linux系统安全的相关知识后,尝试为自己计算机上的Linux系统进行安全配置。下列选项是他的部分操作。其中不合理的是___
A. 、编辑文件/etc/passwd,检查文件中用户ID,禁用所有ID=0的用户
B. 、编辑文件/etcf/ssh/sshd_config。将PermitRootLogin设置为no
C. 、编辑文件/etc/pam.
【单选题】
18某单位在一次信息安全风险管理活动中,风险评估报告提出服务器A的FTP服务存在高风险漏洞。随后该单位在风险处理时选择了关闭FTP服务的处理措施。请问该措施属于哪种风险处理方式___
A. 、风险降低
B. 、风险规避
C. 、风险转移
D. 、风险接受
【单选题】
19由于频繁出现软件运行时被黑客远程攻击获取数据的现象,某软件公司准备加强软件安全开发管理,在下面做法中,对于解决问题没有直接帮助的是___
A. 、要求开发人员采用敏捷开发模型进行开发
B. 、要求所有的开发人员参加软件安全意识培训
C. 、要求规范软件编码,并制定公司的安全编码准则
D. 、要求增加软件安全测试环节,尽早发现软件安全问题
【单选题】
20下面有关软件安全问题的描述中,哪项不是由于软件设计缺陷引起的___
A. 、设计了用户权限分级机制和最小特权原则,导致软件在发布运行后,系统管理员不能查看系统审计信息
B. 、设计了采用不加盐(SALT)的SHA-1算法对用户口令进行加密存储,导致软件在发布运行后,不同的用户如使用了相同的口令会得到相同的加密结果,从而可以假冒其他用户登录
C. 、设计了缓存用户隐私数据机制以加快系统处理性能,导致软件在发布运行后,被黑客攻击获取到用户隐私数据
D. 、设计了采用自行设计的加密算法对网络传输数据进行保护,导致软件在发布运行后,被攻击对手截获网络数据并破解后得到明文
【单选题】
21恢复时间目标(Recovery Time Objective,RTO)和恢复点目标(RECOVERY Point Objective,RPO)是业务连续性和灾难恢复工作中的两个重要指标,随着信息系统越来越重要和信息技术越来越先进,这两个指标的数值越来越小。小华准备为其工作的信息系统拟定RTO和RPO指标,则以下描述中,正确的是___
A. 、RTO可以为0,RPO也可以为0
B. 、RTO可以为0,RPO不可以为0
C. 、RTO不可以为0,RPO可以为0
D. 、RTO不可以为0,RPO也不可以为0
【单选题】
22小李在检查公司对外服务网站的源代码时,发现程序在发生诸如没有找到资源,数据库连接错误,写临时文件错误等问题时,会将详细的错误原因在结果页面上显示出来,从安全角度考虑,小李决定修改代码,将详细的错误原因都隐藏起来,在页面上仅仅告知用户“抱歉,发生内部错误”请问这种处理方法的主要目的是:___
A. 、避免缓冲区溢出
B. 、安全处理系统异常
C. 、安全使用临时文件
D. 、最小化反馈信息
【单选题】
23关于信息安全应急响应管理过程描述不正确的是___
A. 、基于应急响应工作的特点和事件的不规则性,事先制定出事件应急响应方法和过程,有助于一个组织在事件发生时阻止混乱的发生成是在混乱状态中迅速恢复控制,将损失和负面影响降全最低
B. 、应急响应方法和过程并不是唯一的
C. 、一种被广为接受的应急响应方法是将应急响应管理过程分为准备、检测、遏制、根除,恢复和跟踪总结6个阶段
D. 、一种被广为接受的应急响应方法是将应急响应管理过程分为准备、检测、遏制、根除、恢复和跟踪总结6个阶段。这6个阶段的响应方法一定能够确保事件处理的成功。
