Fork: 0
bello / csv2brain
Transfer to URL with SHA Find file
Newer
Older
csv2brain / app / src / main / assets / exam / c_1_03.json
ubt on 24 Jan 2024 197 KB 增加习题列表
Raw Blame History 
{"msg":"第三节 计算机网络与信息安全","code":200,"data":{"currentIndex":null,"examId":null,"examTime":null,"questionList":[{"id":"794930869558071297","title":"网络故障需按照协议层次进行分层诊断, 找出故障原因并进行相应处理。查看端口状态、协议建立状态和 EIA 状态 属于( &nbsp; )诊断。","analyze":"网络故障需按照协议层次进行分层诊断,找出故障原因并进行相应处理。 物理层是OSI分层结构体系中最基础的一层,它建立在通信媒体的基础上,实现系统和通信媒体的物理接口,为数据链路 实体之间进行透明传输,为建立、保持和拆除计算机和网络之间的物理连接提供服务。 物理层的故障主要表现在设备的物理连接方式是否恰当;连接电缆是否正确。确定路由器端口物理连接是否完好的最佳 方法是使用show interface命令,检査每个端口的状态,解释屏幕输出信息,查看端口状态、协议建立状态和EIA状态。","multi":0,"questionType":1,"answer":"A","chooseItem":["794930871462285313"],"itemList":[{"id":"794930871462285313","questionId":"794930869558071297","content":"物理层","answer":1,"chooseValue":"A"},{"id":"794930871479062529","questionId":"794930869558071297","content":"数据链路层","answer":0,"chooseValue":"B"},{"id":"794930871500034049","questionId":"794930869558071297","content":"网络层","answer":0,"chooseValue":"C"},{"id":"794930871516811265","questionId":"794930869558071297","content":"应用层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930861706334209","title":"如果要清除上网痕迹,必须( &nbsp;)。 &nbsp;","analyze":"ActiveX是微软一系列策略性面向对象程序技术和工具,其中主要的技术是组件对象模型。ActiveX是微软为抗衡Sun Microsystems的java技术而提出的,其功能和java applet功能类似。ActiveX控件的使用并不保留上网痕迹。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930863589576705"],"itemList":[{"id":"794930863556022273","questionId":"794930861706334209","content":"禁用ActiveX控件","answer":0,"chooseValue":"A"},{"id":"794930863572799489","questionId":"794930861706334209","content":"查杀病毒","answer":0,"chooseValue":"B"},{"id":"794930863589576705","questionId":"794930861706334209","content":"清除Cookie","answer":1,"chooseValue":"C"},{"id":"794930863602159617","questionId":"794930861706334209","content":"禁用脚本","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930810468716545","title":"<p>在Windows操作系统下,要获取某个网络开放端口所对应的应用程序信息,可以使用命令(59)。</p>","analyze":"<p>ipconfig:是调试计算机网络常用的命令, 通常大家使用它显示计算机网络适配器 IP地址, 子网掩码, 默认网关, DNS服务, 比如, 更新适配器, 清除DNS 缓冲等。</p><p>traceroute:traceroute可以利用ICMP协议定位到一台计算机与另一台计算机之间的所有路径。</p><p>netstat:用于显示协议统计信息和当前TCP/IP网络连接。</p><p>nslookup:用于查询DNS的记录,查看域名解析是否正常,在网络故障的时候用来诊断网络问题。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930812356153345"],"itemList":[{"id":"794930812318404609","questionId":"794930810468716545","content":"ipconfig","answer":0,"chooseValue":"A"},{"id":"794930812339376129","questionId":"794930810468716545","content":"traceroute","answer":0,"chooseValue":"B"},{"id":"794930812356153345","questionId":"794930810468716545","content":"netstat","answer":1,"chooseValue":"C"},{"id":"794930812372930561","questionId":"794930810468716545","content":"nslookup","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930750423060481","title":"<p>确定网络的层次结构及各层采用的协议是网络设计中( )阶段的主要任务。</p>","analyze":"<p>确定网络的层次结构及各层采用的协议是网络设计中网络体系结构设计阶段的主要任务</p><p><br/></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930752285331457"],"itemList":[{"id":"794930752264359937","questionId":"794930750423060481","content":"网络需求分析","answer":0,"chooseValue":"A"},{"id":"794930752285331457","questionId":"794930750423060481","content":"网络体系结构设计","answer":1,"chooseValue":"B"},{"id":"794930752302108673","questionId":"794930750423060481","content":"网络设备选型","answer":0,"chooseValue":"C"},{"id":"794930752318885889","questionId":"794930750423060481","content":"网络安全性设计","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930716080099329","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">以下关于拒绝服务攻击的叙述中,不正确的是</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">( &nbsp;</span><span style=\"font-family:宋体\">)</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span><br/></p><p class=\"MsoNormal\" style=\"text-indent:20.7000pt;\"><br/></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">拒绝服务攻击即攻击者想办法让目标机器停止提供服务,是黑客常用的攻击手段之一。其实对网络带宽进行的消耗性攻击只是拒绝服务攻击的一小部分,只要能够对目标造成麻烦,使某些服务被暂停甚至主机死机,都属于拒绝服务攻击。拒绝服务攻击问题也一直得不到合理的解决,究其原因是因为这是由于网络协议本身的安全缺陷造成的,从而拒绝服务攻击也成了攻击者的终极手法。攻击者进行拒绝服务攻击,实际上让服务器实现两种效果:一是迫使服务器的缓冲区满,不接收新的请求;二是使用</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">IP</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">欺骗,迫使服务器把合法用户的连接复位,影响合法用户的连接。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">C</span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930718055616513"],"itemList":[{"id":"794930717975924737","questionId":"794930716080099329","content":"拒绝服务攻击的目的是使计算机或者网络无法提供正常的服务","answer":0,"chooseValue":"A"},{"id":"794930718013673473","questionId":"794930716080099329","content":"拒绝服务攻击是不断向计算机发起请求来实现的","answer":0,"chooseValue":"B"},{"id":"794930718055616513","questionId":"794930716080099329","content":"拒绝服务攻击会造成用户密码的泄露","answer":1,"chooseValue":"C"},{"id":"794930718089170945","questionId":"794930716080099329","content":"DDOS是一种拒绝服务攻击形式","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930909471068161","title":"当DHCP服务器离线时,主机自动分配到的IP地址可能是 (22) 。","analyze":"根据DHCP协议,如果主机设置为自动获得IP地址,而又没有可用的DHCP服务器,那么主机会自动生成一个169.254.X.X的IP地址,以与其他主机正常通信。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930911417225217"],"itemList":[{"id":"794930911379476481","questionId":"794930909471068161","content":"127.0.0.1","answer":0,"chooseValue":"A"},{"id":"794930911400448001","questionId":"794930909471068161","content":"192.168.1.56","answer":0,"chooseValue":"B"},{"id":"794930911417225217","questionId":"794930909471068161","content":"169.254.45.32","answer":1,"chooseValue":"C"},{"id":"794930911438196737","questionId":"794930909471068161","content":"0.0.0.0","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930678029373441","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">某实验室使用无线路由器提供内部上网,无线路由器采用固定</span>IP地址连接至校园网,实验室用户使用一段时间后,不定期出现不能访问互联网的现象,经测试无线路由器工作正常,同时有线接入的用户可以访问互联网。分析以上情况,导致这一故障产生的最可能的原因是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>9)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 21pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">根据题目经测试无线路由器工作正常,则说明无线路由器硬件无故障,而如果是配置错误则不会出现实验室用户使用一段时间后,不定期出现不能访问互联网的现象。</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">C</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930679962947585"],"itemList":[{"id":"794930679916810241","questionId":"794930678029373441","content":"无线路由器配置错误","answer":0,"chooseValue":"A"},{"id":"794930679941976065","questionId":"794930678029373441","content":"无线路由器硬件故障","answer":0,"chooseValue":"B"},{"id":"794930679962947585","questionId":"794930678029373441","content":"内部或者外部网络攻击","answer":1,"chooseValue":"C"},{"id":"794930679979724801","questionId":"794930678029373441","content":"园网接入故障","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930858887761921","title":"关于网桥和交换机,下面的描述中正确的是( &nbsp; )。","analyze":"网桥和交换机都是第二层转发设备,即都是根据数据链路层地址转发(包括广播)数据包。二者的区别是网桥的 端口数较少,一般是用主机插入多个网卡来连接多个子网, 并通过软件来实现分组过滤功能。而交换机通常是采用专门 的硬件实现,端口数较多。 由于采用了专用硬件,因此交换机转发速度更快。无论网桥或交换机,一个端口就是一个冲 突域。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930860775198721"],"itemList":[{"id":"794930860741644289","questionId":"794930858887761921","content":"网桥端口数少,因而比交换机转发更快","answer":0,"chooseValue":"A"},{"id":"794930860758421505","questionId":"794930858887761921","content":"网桥转发广播帧,而交换机不转发广播帧","answer":0,"chooseValue":"B"},{"id":"794930860775198721","questionId":"794930858887761921","content":"交换机是一种多端口网桥","answer":1,"chooseValue":"C"},{"id":"794930860791975937","questionId":"794930858887761921","content":"交换机端口多,因而扩大可冲突域的大小","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930687156178945","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">ICMP协议数据单元封装在(66)中传送。</span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 21pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">ICMP (Internet control Message Protocol)与IP协议同属于网络层,用于传送有关通信问题的消息,例如数据报不能到达目标站,路由器没有足够的缓存空间,或者路由器向发送主机提供最短通路信息等。ICMP报文封装在IP数据报中传送,因而不保证可靠的提交。ICMP报文有11种之多,报文格式如下图所示。其中的类型字段表示ICMP报文的类型,代码字段可表示报文的少量参数,当参数较多时写入32位的参数字段,ICMP报文携带的信息包含在可变长的信息字段中,校验和字段是关于整个ICMP报文的校验和。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;(66) D</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930689056198657"],"itemList":[{"id":"794930689005867009","questionId":"794930687156178945","content":"以太帧","answer":0,"chooseValue":"A"},{"id":"794930689022644225","questionId":"794930687156178945","content":"TCP段","answer":0,"chooseValue":"B"},{"id":"794930689039421441","questionId":"794930687156178945","content":"UDP数据报","answer":0,"chooseValue":"C"},{"id":"794930689056198657","questionId":"794930687156178945","content":"IP数据报","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930850432045057","title":"数字信封( &nbsp; )。","analyze":"数字信封加密的是对称密钥,需要使用收件人的公钥加密会话(对称)密钥,然后收件人用自己的私钥去解密,从而拿到对称密钥。具体内容请参考51CTO相关视频课程。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930852311093249"],"itemList":[{"id":"794930852277538817","questionId":"794930850432045057","content":"使用非对称密钥体制密码算法加密邮件正文","answer":0,"chooseValue":"A"},{"id":"794930852294316033","questionId":"794930850432045057","content":"使用RSA算法对邮件正文生成摘要","answer":0,"chooseValue":"B"},{"id":"794930852311093249","questionId":"794930850432045057","content":"使用收件人的公钥加密会话密钥","answer":1,"chooseValue":"C"},{"id":"794930852327870465","questionId":"794930850432045057","content":"使用发件人的私钥加密会话密钥","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930841959550977","title":"<p>关于网络安全防御技术的描述,不正确的是(7)。</p>","analyze":"<p>防火墙是一种较早使用、实用性很强的网络安全防御技术,它阻挡对网络的非法访问和不安全数据的传递,使得本地系统和网络免于受到许多网络安全威胁。在网络安全中,防火墙主要用于逻辑隔离外部网络与受保护的内部网络。防火墙主要是实现网络安全的安全策略,而这种策略是预先定义好的,所以是一种静态安全技术。在策略中涉及的网络访问行为可以实施有效管理,而策略之外的网络访问行为则无法控制。防火墙的安全策略由安全规则表示。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930843813433345"],"itemList":[{"id":"794930843813433345","questionId":"794930841959550977","content":"防火墙主要是实现网络安全的安全策略,可以对策略中涉及的网络访问行为实施有效管理,也可以对策略之外的网络访问行为进行控制","answer":1,"chooseValue":"A"},{"id":"794930843834404865","questionId":"794930841959550977","content":"入侵检测系统注重的是网络安全状况的监督,绝大多数IDS系统都是被动的","answer":0,"chooseValue":"B"},{"id":"794930843855376385","questionId":"794930841959550977","content":"蜜罐技术是一种主动防御技术,是一个“诱捕”攻击者的陷阱","answer":0,"chooseValue":"C"},{"id":"794930843876347905","questionId":"794930841959550977","content":"虚拟专业网络是在公网中建立专用的、安全的数据通信通道","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930799060209665","title":"<p>如果一台配置成自动获取IP地址的计算机,开机后得到的IP地址是169.254.1.17(即没有DHCP服务器为其提供IP地址),则首先应该 ( &nbsp;)。</p>","analyze":"<p>当计算机开机后得到的IP地址是169.254.1.17时,说明网卡工作正常,计算机获得的是APIPA地址,所以应检查网络连线是否断开,或其他原因导致无法从DHCP服务器获取动态IP地址。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930800918286337"],"itemList":[{"id":"794930800918286337","questionId":"794930799060209665","content":"检查网络连接电缆","answer":1,"chooseValue":"A"},{"id":"794930800930869249","questionId":"794930799060209665","content":"检查网卡的工作状态","answer":0,"chooseValue":"B"},{"id":"794930800947646465","questionId":"794930799060209665","content":"检查DNS服务器的配置","answer":0,"chooseValue":"C"},{"id":"794930800960229377","questionId":"794930799060209665","content":"查杀病毒","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930713244749825","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">网络系统中,通常把</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">( &nbsp;&nbsp;</span><span style=\"font-family:宋体\">)</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">置于</span></span><span style=\"text-indent: 20.7pt; font-family: Courier; font-size: 10.5pt;\">DMZ</span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">区。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: Courier; font-size: 10.5pt;\">DMZ</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">是为了解决安装防火墙后外部网络不能访问内部网络服务器的问题,而设立的一个非安全系统与安全系统之间的缓冲区,这个缓冲区位于企业内部网络和外部网络之间的小网络区域内,在这个小网络区域内可以放置一些必须公开的服务器设施,如企业</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">Web</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">服务器、</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">FTP</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">服务器和论坛等。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">B</span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930715107020801"],"itemList":[{"id":"794930715090243585","questionId":"794930713244749825","content":"网络管理服务器","answer":0,"chooseValue":"A"},{"id":"794930715107020801","questionId":"794930713244749825","content":"Web服务器","answer":1,"chooseValue":"B"},{"id":"794930715123798017","questionId":"794930713244749825","content":"入侵检测服务器","answer":0,"chooseValue":"C"},{"id":"794930715136380929","questionId":"794930713244749825","content":"财务管理服务器","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930747621265409","title":"如果发送给DHCP客户端的地址已经被其他DHCP客户端使用,客户端会向服务器发送( )信息包拒绝接收已经分配的地址信息。","analyze":"DHCP客户端收到DHCP服务器回应的ACK报文后,通过地址冲突检测发现服务器分配的地址冲突或者由于其他原因导致不能使用,则发送DhcpDecline报文,通知服务器所分配的IP地址不可用。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930749500313601"],"itemList":[{"id":"794930749470953473","questionId":"794930747621265409","content":"DhcpAck","answer":0,"chooseValue":"A"},{"id":"794930749483536385","questionId":"794930747621265409","content":"DhcpOffer","answer":0,"chooseValue":"B"},{"id":"794930749500313601","questionId":"794930747621265409","content":"DhcpDecline","answer":1,"chooseValue":"C"},{"id":"794930749512896513","questionId":"794930747621265409","content":"DhcpNack","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930915192098817","title":"<p>OSPF 协议把网络划分成4种区域(Area),其中连接各个区域的传输网络是 (25) 。</p>","analyze":"<p>OSPF协议引入“分层路由”的概念,将网络分割成一个“主干”连接的一组相互独立的部分,这些相互独立的部分被称为“区域”(Area),“主干”的部分称为“主干区域”。每个区域就如同一个独立的网络,该区域的OSPF路由器只保存该区域的链路状态。整个网络呈星形。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930917083729921"],"itemList":[{"id":"794930917050175489","questionId":"794930915192098817","content":"分支区域","answer":0,"chooseValue":"A"},{"id":"794930917066952705","questionId":"794930915192098817","content":"标准区域","answer":0,"chooseValue":"B"},{"id":"794930917083729921","questionId":"794930915192098817","content":"主干区域","answer":1,"chooseValue":"C"},{"id":"794930917100507137","questionId":"794930915192098817","content":"通信区域","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930906618941441","title":"<p>TCP/IP的四层模型中,每一层都提供了安全协议,下列属于数据链路层安全协议的是 (21) 。</p>","analyze":"<p>PPTP(Point to Point Tunneling Protocol,点对点隧道协议)用于将PPP分组通过IP网络封装传输,以实现虚拟专网(VPN),工作在数据链路层;SSH工作在应用层;IPSec工作在网络层;Socks工作在会话层。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930908502183937"],"itemList":[{"id":"794930908502183937","questionId":"794930906618941441","content":"PPTP","answer":1,"chooseValue":"A"},{"id":"794930908523155457","questionId":"794930906618941441","content":"SSH","answer":0,"chooseValue":"B"},{"id":"794930908544126977","questionId":"794930906618941441","content":"IPSec","answer":0,"chooseValue":"C"},{"id":"794930908560904193","questionId":"794930906618941441","content":"Socks","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930657997377537","title":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">IPv6站点通过IPv4网络通信需要使用隧道技术,常用的3种自动隧道技术是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>67)</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">IPv6站点通过IPv4网络通信,最常用的3种自动隧道技术是6to4隧道、6over4隧道和ISATAP隧道。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(67)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">B</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930659884814337"],"itemList":[{"id":"794930659868037121","questionId":"794930657997377537","content":"VPN隧道、PPTP隧道和IPsec隧道","answer":0,"chooseValue":"A"},{"id":"794930659884814337","questionId":"794930657997377537","content":"6to4隧道、6over4隧道和ISATAP隧道","answer":1,"chooseValue":"B"},{"id":"794930659901591553","questionId":"794930657997377537","content":"VPN隧道、PPP隧道和ISATAP隧道","answer":0,"chooseValue":"C"},{"id":"794930659918368769","questionId":"794930657997377537","content":"IPsec隧道、6over4隧道和PPTP隧道","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930684169834497","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">ICMP协议属于英特网中的(65)协议。</span></p>","analyze":"<p><span style=\"font-family: 宋体; font-size: 10.5pt; text-indent: 21pt;\">ICMP (Internet control Message Protocol)与IP协议同属于网络层,用于传送有关通信问题的消息,例如数据报不能到达目标站,路由器没有足够的缓存空间,或者路由器向发送主机提供最短通路信息等。ICMP报文封装在IP数据报中传送,因而不保证可靠的提交。ICMP报文有11种之多,报文格式如下图所示。其中的类型字段表示ICMP报文的类型,代码字段可表示报文的少量参数,当参数较多时写入32位的参数字段,ICMP报文携带的信息包含在可变长的信息字段中,校验和字段是关于整个ICMP报文的校验和。</span><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">65)B</span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930686208266241"],"itemList":[{"id":"794930686187294721","questionId":"794930684169834497","content":"数据链路层","answer":0,"chooseValue":"A"},{"id":"794930686208266241","questionId":"794930684169834497","content":"网络层","answer":1,"chooseValue":"B"},{"id":"794930686229237761","questionId":"794930684169834497","content":"传输层","answer":0,"chooseValue":"C"},{"id":"794930686246014977","questionId":"794930684169834497","content":"会话层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930692793323521","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">中国自主研发的</span>3G通信标准是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>68)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 21pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">1985年,ITU提出了对第三代移动通信标准的需求,1996年正式命名为IMT-2000 (International Mobile Telecommunications-2000 ),其中的2000有3层含义:</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>1)使用的频段在2000mHz附近;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>2)通信速率于约为2000Kb/s (即2Mb/s);</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>3)预期在2000年推广商用。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">1999年ITU批准了五个IMT-2000的无线电接口,这五个标准是:</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>1)IMT-DS(Direct Spread):即W-CDMA,属于频分双工模式,在日本和欧洲制定的UMTS系统中使用;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>2)IMT-MC(Multi-Carrier):即CDMA-2000,属于频分双工模式,是第二代CDMA 系统的继承者;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>3)IMT-TC(Time-Code):这一标准是中国提出的TD-SCDMA,属于时分双工模式;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>4)IMT-SC(Single Carrier):也称为EDGE,是一种2.75G技术;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span>5)IMT-FT(FrequencyTime):也称为DECT。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">2007年10月19日,ITU会议批准移动WiMAX作为第6个3G标准,称为IMT-2000 OFDMATDD WMAN,即无线城域网技术。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">第三代数字蜂窝通信系统提供第二代蜂窝通信系统提供的所有业务类型,并支持移动多媒体业务。在高速车辆行驶时支持</span>144Kb/s的数据速率,步行和慢速移动环境下支持384Kb/s的数据速率,室内静止环境下支持2Mb/s的高速数据传输,并保证可靠的服务质量。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">68)B</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930694684954625"],"itemList":[{"id":"794930694668177409","questionId":"794930692793323521","content":"CDMA2000","answer":0,"chooseValue":"A"},{"id":"794930694684954625","questionId":"794930692793323521","content":"TD-SCDMA","answer":1,"chooseValue":"B"},{"id":"794930694697537537","questionId":"794930692793323521","content":"WCDMA","answer":0,"chooseValue":"C"},{"id":"794930694714314753","questionId":"794930692793323521","content":"WiMAX","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930856035635201","title":"<p>在使用Kerberos进行密钥管理的环境中,有N个人,为确保在任意两个人之间进行秘密对话,系统所需的最少会话密钥数为( &nbsp; )个。</p>","analyze":"<p>Kerberos 是应用对称密钥密码体制进行密钥管理的系统,在有N个人的系统中,为确保在任意两个人之间进行秘密对话,系统需要至少知道它和每个人的共享密钥。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930857977597953"],"itemList":[{"id":"794930857889517569","questionId":"794930856035635201","content":"N-1","answer":0,"chooseValue":"A"},{"id":"794930857923072001","questionId":"794930856035635201","content":"N","answer":0,"chooseValue":"B"},{"id":"794930857952432129","questionId":"794930856035635201","content":"N+1","answer":0,"chooseValue":"C"},{"id":"794930857977597953","questionId":"794930856035635201","content":"N(N-1)/2","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930813287288833","title":"<p>安全机制是实现安全服务的技术手段,一种安全机制可以提供多种安全服务,而一种安全服务也可采用多种安全机制。安全机制不能提供的安全服务是 (68) 。</p>","analyze":"<p>在安全的开放环境中,用户可以使用各种安全应用。安全应用由一些安全服务来实现;安全服务又是由各种安全机制或安全技术实现的,同一安全机制有时也可以用于实现不同的安全服务。</p><p>安全服务主要有如下内容。</p><p>(1)认证:包括实体认证与数据源认证;</p><p>(2)数据保密性:包括连接机密性、无连接机密性、选择域机密性与业务流机密性;</p><p>(3)数据完整性:包括有恢复连接完整性、无恢复连接完整性、选择域连接完整性、无连接完整性与选择域五连接完整性;</p><p>(4)抗抵赖性:包括有源端证据的抗抵赖性与有交付证据的抗抵赖性;</p><p>(5)访问控制:决定了谁能够访问系统,能访问系统的何种资源以及如何使用这些资源。适当的访问控制能够阻止未经允许的用户有意或无意地获取数据。访问控制的手段包括用户识别代码、口令、登录控制、资源授权(例如用户配置文件、资源配置文件和控制列表)、授权核查、日志和审计。<br/><br/></p><p>安全机制主要有:<br/>(1)加密机制,存在加密机制意味着存在密钥管理机制;<br/>(2)数字签名机制;<br/>(3)访问控制机制:<br/>(4)数据完整性机制:<br/>(5)认证机制;<br/>(6)通信业务填充机制;<br/>(7)路由控制机制;<br/>(8)公证机制。</p><p><br/></p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930815149559809"],"itemList":[{"id":"794930815149559809","questionId":"794930813287288833","content":"数据保密性","answer":1,"chooseValue":"A"},{"id":"794930815170531329","questionId":"794930813287288833","content":"访问控制","answer":0,"chooseValue":"B"},{"id":"794930815183114241","questionId":"794930813287288833","content":"数字签名","answer":0,"chooseValue":"C"},{"id":"794930815195697153","questionId":"794930813287288833","content":"认证","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930753241632769","title":"数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密,接收方用发送方的公钥验证真伪。生成消息摘要的目的是(请作答此空),对摘要进行加密的目的是( )。","analyze":"<p>报文摘要用于为发送的报文生成一个非常小的摘要信息,这个摘要信息保证原报文的完整性,原报文只要有一位被改变,则摘要信息就会不匹配。</p><p>用私钥对摘要加密不仅保证了摘要的私密性,还可以防止抵赖,因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930755124875265"],"itemList":[{"id":"794930755091320833","questionId":"794930753241632769","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930755108098049","questionId":"794930753241632769","content":"防止抵赖","answer":0,"chooseValue":"B"},{"id":"794930755124875265","questionId":"794930753241632769","content":"防止篡改","answer":1,"chooseValue":"C"},{"id":"794930755145846785","questionId":"794930753241632769","content":"防止重放","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930839140978689","title":"<p>下列攻击行为中,属于典型被动攻击的是( )。</p>","analyze":"<p>显然选项ABD都属于主动攻击</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930841011638273"],"itemList":[{"id":"794930840978083841","questionId":"794930839140978689","content":"拒绝服务攻击","answer":0,"chooseValue":"A"},{"id":"794930840994861057","questionId":"794930839140978689","content":"会话拦截","answer":0,"chooseValue":"B"},{"id":"794930841011638273","questionId":"794930839140978689","content":"系统干涉","answer":1,"chooseValue":"C"},{"id":"794930841024221185","questionId":"794930839140978689","content":"修改数据命令","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930920862797825","title":"<p>以下关于网络布线子系统的说法中,正确的是 (27) 。</p>","analyze":"<p>工作区子系统由终端设备连接到信息插座的连线组成的,包括连接线和适配器。</p><p>水平子系统连接干线子系统和用户工作区,是各个楼层配线间中的配线架到工作区信息插座之间所安装的线缆。</p><p>干线子系统是各水平子系统(各楼层)设备之间的互连系统。</p><p>管理子系统由互相连接或交叉连接的配线架、信息插座式配线架及相关跳线组成。</p><p>建筑群子系统负责连接建筑物,往往采用单模光纤进行连接。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930922741846017"],"itemList":[{"id":"794930922720874497","questionId":"794930920862797825","content":"工作区子系统指终端到信息插座的区域","answer":0,"chooseValue":"A"},{"id":"794930922741846017","questionId":"794930920862797825","content":"水平子系统实现计算机设备与各管理子系统间的连接","answer":1,"chooseValue":"B"},{"id":"794930922762817537","questionId":"794930920862797825","content":"干线子系统用于连接建筑物","answer":0,"chooseValue":"C"},{"id":"794930922787983361","questionId":"794930920862797825","content":"建筑群子系统连接其他各个子系统","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930912373526529","title":"DNS服务配置中的 (24) 记录,用于解析IPV6地址。","analyze":"DNS服务配置中的A记录用于解析主机到IPV4地址;MX记录指明邮件交换服务器的地址;CNAME记录指明域名的别名;AAAA记录将主机解析到IPV6地址。","multi":0,"questionType":1,"answer":"D","chooseItem":["794930914273546241"],"itemList":[{"id":"794930914219020289","questionId":"794930912373526529","content":"A","answer":0,"chooseValue":"A"},{"id":"794930914239991809","questionId":"794930912373526529","content":"MX","answer":0,"chooseValue":"B"},{"id":"794930914256769025","questionId":"794930912373526529","content":"CNAME","answer":0,"chooseValue":"C"},{"id":"794930914273546241","questionId":"794930912373526529","content":"AAAA","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930698468216833","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">与</span> HTTP <span style=\"font-family:宋体\">相比,</span><span style=\"font-family:Calibri\">HTTPS </span><span style=\"font-family:宋体\">协议对传输的内容进行加密,更加安全。</span><span style=\"font-family:Calibri\">HTTPS </span><span style=\"font-family:宋体\">基于(&nbsp;</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\">&nbsp;<span style=\"font-family:宋体\">)安全协议。</span></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><br/></p>","analyze":"<p>HTTPS(Secure&nbsp;Hypertext&nbsp;Transfer&nbsp;Protocol)安全超文本传输协议。它是一个安全通信通道,基于HTTP开发,用于在客户计算机和服务器之间交换信息。HTTPS使用安全套接字层(SSL)进行信息交换,简单来说它是HTTP的安全版。&nbsp;&nbsp;&nbsp;&nbsp;</p><p><br/></p>&nbsp;&nbsp;HTTPS和HTTP的区别:<p><br/></p><p><br/></p>&nbsp;•&nbsp;https协议需要到ca申请证书,一般免费证书很少,需要交费。<p><br/></p>&nbsp;•&nbsp;http是超文本传输协议,信息是明文传输,https&nbsp;则是具有安全性的ssl加密传输协议。<p><br/></p>&nbsp;•&nbsp;http和https使用的是完全不同的连接方式用的端口也不一样,前者是80,后者是443。<p><br/></p>&nbsp;•&nbsp;http的连接很简单,是无状态的。<p><br/></p>&nbsp;HTTPS协议是由SSL+HTTP协议构建的可进行加密传输、身份认证的网络协议,要比http协议安全。<p><br/></p>参考答案:C<p><br/></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930700577951745"],"itemList":[{"id":"794930700544397313","questionId":"794930698468216833","content":"RSA","answer":0,"chooseValue":"A"},{"id":"794930700561174529","questionId":"794930698468216833","content":"DES","answer":0,"chooseValue":"B"},{"id":"794930700577951745","questionId":"794930698468216833","content":"SSL","answer":1,"chooseValue":"C"},{"id":"794930700590534657","questionId":"794930698468216833","content":"SSH","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930689962168321","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">假设网络的生产管理系统采用</span>B/S工作方式,经常上网的用户数为100个,每个用户每分钟产生11个事务处理,平均每个事务处理的数据量大小为0.06MB,则这个系统需要的信息传输速率为(67)。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 21pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">系统需要的信息传输速率</span>R=0.06</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">*</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">8</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">*</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">11</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">*</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">100÷60= 8.8(Mb/s)。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">67)B</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930691853799425"],"itemList":[{"id":"794930691837022209","questionId":"794930689962168321","content":"5.28Mb/s","answer":0,"chooseValue":"A"},{"id":"794930691853799425","questionId":"794930689962168321","content":"8.8Mb/s","answer":1,"chooseValue":"B"},{"id":"794930691870576641","questionId":"794930689962168321","content":"66Mb/s","answer":0,"chooseValue":"C"},{"id":"794930691883159553","questionId":"794930689962168321","content":"528Mb/s","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930853238034433","title":"<p>SSL(TLS)协议( &nbsp; )。</p>","analyze":"<p>SSL(TLS)工作于TCP/IP协议栈的传输层之上,能够提供身份认证、数据的机密性完整性保护。可以用于实现安全电子邮件等众多安全应用。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930855121276929"],"itemList":[{"id":"794930855075139585","questionId":"794930853238034433","content":"工作于TCP/IP协议栈的网络层","answer":0,"chooseValue":"A"},{"id":"794930855091916801","questionId":"794930853238034433","content":"不能够提供身份认证功能","answer":0,"chooseValue":"B"},{"id":"794930855108694017","questionId":"794930853238034433","content":"仅能够实现加解密功能","answer":0,"chooseValue":"C"},{"id":"794930855121276929","questionId":"794930853238034433","content":"可以被用于实现安全电子邮件","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930836108496897","title":"根据统计显示,80%的网络攻击源于内部网络,因此,必须加强对内部网络的安全控制和防护。下面的措施中,无助于提高同一局域网内安全性的措施是(70)。","analyze":"防火墙对内部发生的攻击事件无能为力。","multi":0,"questionType":1,"answer":"D","chooseItem":["794930838218231809"],"itemList":[{"id":"794930838058848257","questionId":"794930836108496897","content":"使用防病毒软件","answer":0,"chooseValue":"A"},{"id":"794930838134345729","questionId":"794930836108496897","content":"使用日志审计系统","answer":0,"chooseValue":"B"},{"id":"794930838180483073","questionId":"794930836108496897","content":"使用入侵检测系统","answer":0,"chooseValue":"C"},{"id":"794930838218231809","questionId":"794930836108496897","content":"使用防火墙防止内部攻击","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930969319591937","title":"网络安全体系设计可从物理线路安全、网络安全、系统安全、应用安全等方面来进行。 其中,比特币的分布式冗余存储可以防止互联网的攻击者破坏和篡改数据,属于&nbsp;(28) 。","analyze":"<p>比特币是具体的业务应用场景,其安全是应用安全;分布式冗余存储可以防止网络上的攻击者破坏和篡改数据,属于网络安全。</p><p>参考答案:B</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930971177668609"],"itemList":[{"id":"794930971160891393","questionId":"794930969319591937","content":"物理线路安全和网络安全<br/>","answer":0,"chooseValue":"A"},{"id":"794930971177668609","questionId":"794930969319591937","content":"应用安全和网络安全","answer":1,"chooseValue":"B"},{"id":"794930971190251521","questionId":"794930969319591937","content":"系统安全和网络安全","answer":0,"chooseValue":"C"},{"id":"794930971211223041","questionId":"794930969319591937","content":"系统安全和应用安全","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930707561467905","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">不属于入侵检测技术。</span></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><br/></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">漏洞扫描是指基于漏洞数据库,通过扫描等手段对指定的远程或者本地计算机系统的安全脆弱性进行检测,发现可利用漏洞的一种安全检测(渗透攻击)行为。漏洞扫描技术是一类重要的网络安全技术。它和防火墙、入侵检测系统互相配合,能够有效提高网络的安全性。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">D</span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930709469876225"],"itemList":[{"id":"794930709419544577","questionId":"794930707561467905","content":"专家系统","answer":0,"chooseValue":"A"},{"id":"794930709436321793","questionId":"794930707561467905","content":"模型检测","answer":0,"chooseValue":"B"},{"id":"794930709453099009","questionId":"794930707561467905","content":"简单匹配","answer":0,"chooseValue":"C"},{"id":"794930709469876225","questionId":"794930707561467905","content":"漏洞扫描","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930875300073473","title":"<p>用户在电子商务网站上使用网上银行支付时,必须通过()在Internet与银行专用网之间进行数据交换。</p>","analyze":"<p>支付网关可以将Internet上传输的数据转换为银行专用网数据,是金融网络系统与Internet网络之间的接口。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930877141372929"],"itemList":[{"id":"794930877141372929","questionId":"794930875300073473","content":"支付网关","answer":1,"chooseValue":"A"},{"id":"794930877153955841","questionId":"794930875300073473","content":"防病毒网关","answer":0,"chooseValue":"B"},{"id":"794930877166538753","questionId":"794930875300073473","content":"出口路由器","answer":0,"chooseValue":"C"},{"id":"794930877183315969","questionId":"794930875300073473","content":"堡垒主机","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930669443633153","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">以下关于</span>IPsec协议的描述中,正确的是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>6)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">IPsec的功能可以划分三类:</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">\t</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">①认证头(Authentication Header, AH):用于数据完整性认证和数据源认证;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">\t</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">②封装安全负荷(Encapsulating Security Payload,ESP):提供数据保密性和数据完整性认证,ESP也包括了防止重放攻击的顺序号;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">\t</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">③Internet密钥交换协议(Internet Key Exchange,IKE):用于生成和分发在ESP和AH中使用的密钥,IKE也对远程系统进行初始认证。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">IPsec传输模式中,IP头没有加密,只对IP数据进行了加密;在隧道模式中,IPSec 对原来的IP数据报进行了封装和加密,加上了新的IP头。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">IPSec的安全头插入在标准的IP头和上层协议(例如TCP)之间,任何网络服务和网络应用可以不经修改地从标准IP转向IPSec,同时IPSec通信也可以透明地通过现有的IP路由器。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">A&nbsp;</span><strong><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></strong></p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930671335264257"],"itemList":[{"id":"794930671335264257","questionId":"794930669443633153","content":"IPsec认证头(AH)不提供数据加密服务","answer":1,"chooseValue":"A"},{"id":"794930671352041473","questionId":"794930669443633153","content":"IPsec封装安全负荷(ESP)用于数据完整性认证和数据源认证","answer":0,"chooseValue":"B"},{"id":"794930671368818689","questionId":"794930669443633153","content":"IPsec的传输模式对原来的IP数据报进行了封装和加密,再加上了新IP头","answer":0,"chooseValue":"C"},{"id":"794930671385595905","questionId":"794930669443633153","content":"IPsec通过应用层的Web服务建立安全连接","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930695649644545","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">2014年1月,由于DNS根据服务器被攻击,国内许多互联网用户无法访问.com域名网站,这种恶意攻击可能造成的危害是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>70)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><span style=\"font-family: 宋体; font-size: 10.5pt; text-indent: 21pt;\">DNS根服务器被攻击,会使许多互联网用户无法访问该根域服务器解析域名的网站。这种攻击可能造成的后果是将正常网站的域名解析到错误的地址上,但这种攻击一般不是以入侵服务器或客户端为目的。</span><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">70)C</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930697545469953"],"itemList":[{"id":"794930697511915521","questionId":"794930695649644545","content":"创造条件,攻击相应的服务器","answer":0,"chooseValue":"A"},{"id":"794930697528692737","questionId":"794930695649644545","content":"快速入侵互联网用户的计算机","answer":0,"chooseValue":"B"},{"id":"794930697545469953","questionId":"794930695649644545","content":"将正常网站的域名解析到错误的地址","answer":1,"chooseValue":"C"},{"id":"794930697562247169","questionId":"794930695649644545","content":"以上都是","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930773076496385","title":"下列选项中,防范网络监听最有效的方法是()。","analyze":"网络监听是主机的一种工作模式,在这种模式下,主机可以接收到本网段在同一条物理通道上传输的所有信息。使用网络监听工具可轻而易举地截取包括口令和 账号在内的信息资料。采用数据加密的方式保护包括口令和账号在内的信息资料,使得即使获取密文后也无法解密成明文是对付网络监听的有效手段。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930775005876225"],"itemList":[{"id":"794930774942961666","questionId":"794930773076496385","content":"安装防火墙","answer":0,"chooseValue":"A"},{"id":"794930774972321794","questionId":"794930773076496385","content":"采用无线网络传输","answer":0,"chooseValue":"B"},{"id":"794930775005876225","questionId":"794930773076496385","content":"数据加密","answer":1,"chooseValue":"C"},{"id":"794930775039430658","questionId":"794930773076496385","content":"漏洞扫描","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930790306697217","title":"( ) 属于Web客户端脚本语言。","analyze":"Web客户端脚本在客户端浏览器中解释执行并及时更新页面,脚本处理工作全部在客户端浏览器完成,减轻服务器负荷,同时增加页面的反应速度,客户端脚本包括VbScript和JavaScript.","multi":0,"questionType":1,"answer":"A","chooseItem":["794930792210911233"],"itemList":[{"id":"794930792210911233","questionId":"794930790306697217","content":"JavaScript","answer":1,"chooseValue":"A"},{"id":"794930792244465665","questionId":"794930790306697217","content":"ASP","answer":0,"chooseValue":"B"},{"id":"794930792265437185","questionId":"794930790306697217","content":"JSP","answer":0,"chooseValue":"C"},{"id":"794930792290603009","questionId":"794930790306697217","content":"PHP","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930932158058497","title":"<p>以下关于传统防火墙技术的描述中,正确的是 (31) 。</p>","analyze":"<p>网络地址转换(Network Address Translation,NAT),是一种在IP数据包通过路由器或防火墙时重写来源IP地址或目的IP地址的技术。</p><p>防火墙工作在网络层,支持网络地址转换和端口映射,通常部署在企业内部网和Internet之间,具有网络隔离、路由、报文过滤等功能,但不具备查杀病毒、过滤垃圾邮件等应用层上的功能。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930934058078209"],"itemList":[{"id":"794930934024523777","questionId":"794930932158058497","content":"防火墙不能支持网络地址转换","answer":0,"chooseValue":"A"},{"id":"794930934058078209","questionId":"794930932158058497","content":"防火墙主要工作在网络层","answer":1,"chooseValue":"B"},{"id":"794930934100021249","questionId":"794930932158058497","content":"防火墙可以查、杀各种病毒","answer":0,"chooseValue":"C"},{"id":"794930934150352897","questionId":"794930932158058497","content":"防火墙可以过滤垃圾邮件","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930966517796865","title":"<p>在Linux中,可以使用&nbsp;(26)&nbsp;命令挂载。</p>","analyze":"<p>Linux中使用mount命令将分区挂载到文件夹,与其他文件夹一样访问。</p><p>参考答案:A</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930968363290625"],"itemList":[{"id":"794930968363290625","questionId":"794930966517796865","content":"mount","answer":1,"chooseValue":"A"},{"id":"794930968375873537","questionId":"794930966517796865","content":"umount","answer":0,"chooseValue":"B"},{"id":"794930968392650753","questionId":"794930966517796865","content":"export","answer":0,"chooseValue":"C"},{"id":"794930968409427969","questionId":"794930966517796865","content":"uname","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930889493598209","title":"<p>在层次化网络设计方案中,通常在 ()实现网络的访问策略控制。</p>","analyze":"<p>在分层设计中,引入了三个关键层的概念:核心层、汇聚层和接入层。</p><p>通常将网络中直接面向用户连接或访问网络的部分称为接入层,将位于接入层和核心层之间的部分称为分布层或汇聚层。目的是允许终端用户连接到网络,主要解决相邻用户之间的互访需求,并且为这些访问提供足够的带宽,接入层还应当适当负责一些用户管理功能(如地址认证、用户认证、计费管理等),以及用户信息收集工作(如用户的IP地址、MAC地址、访问日志等)。</p><p>汇聚层是核心层和接入层的分界面,完成网络访问策略控制、数据包处理、过滤、寻址,以及其他数据处理的任务。汇聚层交换机是多台接入层交换机的汇聚点,它必须能够处理来自接入层设备的所有通信量,并提供到核心层的上行链路,因此,汇聚层交换机与接入层交换机比较,需要更高的性能、更少的接口和更高的交换速率。</p><p>&nbsp;网络主干部分称为核心层,核心层的主要目的在于通过高速转发通信,提供优化、可靠的骨干传输结构,因此,核心层交换机应拥有更高的可靠性,性能和吞吐量。核心层为网络提供了骨干组件或高速交换组件,在纯粹的分层设计中,核心层只完成数据交换的特殊任务。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930891381035009"],"itemList":[{"id":"794930891347480577","questionId":"794930889493598209","content":"应用层","answer":0,"chooseValue":"A"},{"id":"794930891364257793","questionId":"794930889493598209","content":"接入层","answer":0,"chooseValue":"B"},{"id":"794930891381035009","questionId":"794930889493598209","content":"汇聚层","answer":1,"chooseValue":"C"},{"id":"794930891397812225","questionId":"794930889493598209","content":"核心层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930640435826689","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">为了弥补</span>WEP的安全缺陷,WPA安全认证方案中新增的机制是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>7)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">有线等效保密</span>WEP的设计目的是提供与有线局域网等价的机密性。WEP使用RC4协议进行加密,并使用CRC-32校验保证数据的完整性。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">最初的</span>WEP标准使用Mbit的初始向量,加上40bit的字符串,构成64bit的WEP密钥。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">Wi-Fi联盟厂商以802.11i草案的子集为蓝图制定了称为WPA(Wi-FiProtectedAccess)安全认证方案。在WPA的设计中包含了认证、加密和数据完整性校验三个组成部分。首先是WPA使用了802.1X协议对用户的MAC地址进行认证;其次是WEP增大了密钥和初始向量的长度,以128bit的密钥和48位的初始向量(IV)用于RC4加密。WPA还采用了可以动态改变密钥的临时密钥完整性协议TKIP,以更频繁地变换密钥来减少安全风险。最后,WPA强化了数据完整性保护,使用报文完整性编码来检测伪造的数据包,并且在报文认证码中包含有帧计数器,还可以防止重放攻击。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(7)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">B</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930642503618561"],"itemList":[{"id":"794930642486841345","questionId":"794930640435826689","content":"共享密钥认证","answer":0,"chooseValue":"A"},{"id":"794930642503618561","questionId":"794930640435826689","content":"临时密钥完整性协议","answer":1,"chooseValue":"B"},{"id":"794930642520395777","questionId":"794930640435826689","content":"较短的初始化向量","answer":0,"chooseValue":"C"},{"id":"794930642541367297","questionId":"794930640435826689","content":"采用更强的加密算法","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930666524397569","title":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">如果发现网络的数据传输很慢,服务质量也达不到要求,应该首先检查</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>70)</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">的工作情况。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">如果网络的数据传输很慢,服务质量也达不到要求,通常先要检查网络层工作是否正常。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(70)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">C</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930668487331841"],"itemList":[{"id":"794930668424417281","questionId":"794930666524397569","content":"物理层","answer":0,"chooseValue":"A"},{"id":"794930668457971713","questionId":"794930666524397569","content":"会话层","answer":0,"chooseValue":"B"},{"id":"794930668487331841","questionId":"794930666524397569","content":"网络层","answer":1,"chooseValue":"C"},{"id":"794930668512497665","questionId":"794930666524397569","content":"传输层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930864512323585","title":"MD5是一种 ( ) 算法。","analyze":"MD5的全称是Message-digest Algorithm5,是计算机安全领域广泛使用的一种散列函数,用以提供消息的完整性保护。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930866378788865"],"itemList":[{"id":"794930866349428737","questionId":"794930864512323585","content":"共享密钥","answer":0,"chooseValue":"A"},{"id":"794930866366205953","questionId":"794930864512323585","content":"公开密钥","answer":0,"chooseValue":"B"},{"id":"794930866378788865","questionId":"794930864512323585","content":"报文摘要","answer":1,"chooseValue":"C"},{"id":"794930866391371777","questionId":"794930864512323585","content":"访问控制","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930821763977217","title":"安全电子邮件协议PGP不支持(65)。","analyze":"安全电子邮件协议PGP(Pretty Good Privacy)在电子邮件安全实施中被广泛采用,PGP通过单向散列算法对邮件内容进行签名,以保证信件内容无法被修改,使用公钥和私钥技术保证邮件内容保密且不可否认。发信人与收信人的公钥都保存在公开的地方,公钥的权威性则可以由第三方进行签名认证。","multi":0,"questionType":1,"answer":"A","chooseItem":["794930823609470977"],"itemList":[{"id":"794930823609470977","questionId":"794930821763977217","content":"压缩电子邮件","answer":1,"chooseValue":"A"},{"id":"794930823626248193","questionId":"794930821763977217","content":"确认电子邮件未被修改","answer":0,"chooseValue":"B"},{"id":"794930823647219713","questionId":"794930821763977217","content":"防止非授权者阅读电子邮件","answer":0,"chooseValue":"C"},{"id":"794930823663996929","questionId":"794930821763977217","content":"确认发送者的身份","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930770257924097","title":"<p>安全机制是实现安全服务的技术手段,一种安全机制可以提供多种安全服务,而一种安全服务也可采用多种安全机制。安全机制不能提供的安全服务是()。</p>","analyze":"<p>在安全的开放环境中,用户可以使用各种安全应用。安全应用由一些安全服务来实现;安全服务又是由各种安全机制或安全技术实现的,同一安全机制有时也可以用于实现不同的安全服务。</p><p>安全服务主要有如下内容。</p><p>(1)认证:包括实体认证与数据源认证;</p><p>(2)数据保密性:包括连接机密性、无连接机密性、选择域机密性与业务流机密性;</p><p>(3)数据完整性:包括有恢复连接完整性、无恢复连接完整性、选择域连接完整性、无连接完整性与选择域五连接完整性;</p><p>(4)抗抵赖性:包括有源端证据的抗抵赖性与有交付证据的抗抵赖性;</p><p>(5)访问控制:决定了谁能够访问系统,能访问系统的何种资源以及如何使用这些资源。适当的访问控制能够阻止未经允许的用户有意或无意地获取数据。访问控制的手段包括用户识别代码、口令、登录控制、资源授权(例如用户配置文件、资源配置文件和控制列表)、授权核查、日志和审计。</p><p>安全机制主要有如下内容。</p><p>(1)加密机制。存在加密机制意味着存在密钥管理机制;</p><p>(2)数字签名机制;</p><p>(3)访问控制机制;</p><p>(4)数据完整性机制;</p><p>(5)认证机制;</p><p>(6)通信业务填充机制;</p><p>(7)路由控制机制;</p><p>(8)公证机制。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930772120195073"],"itemList":[{"id":"794930772120195073","questionId":"794930770257924097","content":"数据保密性","answer":1,"chooseValue":"A"},{"id":"794930772136972289","questionId":"794930770257924097","content":"访问控制","answer":0,"chooseValue":"B"},{"id":"794930772153749505","questionId":"794930770257924097","content":"数字签名","answer":0,"chooseValue":"C"},{"id":"794930772166332417","questionId":"794930770257924097","content":"认证","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930972121387009","title":"<p>国密SM3是&nbsp;(31)&nbsp;算法。</p>","analyze":"<p>国密SM3是中华人民共和国政府采用的一种密码散列函数标准,由国家密码管理局于2010年12月17日发布。相关标准为“GM/T 0004-2012 《SM3密码杂凑算法》”。SM3主要用于数字签名及验证、消息认证码生成及验证、随机数生成等,其算法公开。据国家密码管理局表示,其安全性及效率与SHA-256相当。</p><p>参考答案:D</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930974025601025"],"itemList":[{"id":"794930973983657985","questionId":"794930972121387009","content":"加密","answer":0,"chooseValue":"A"},{"id":"794930974000435201","questionId":"794930972121387009","content":"数字签名","answer":0,"chooseValue":"B"},{"id":"794930974013018113","questionId":"794930972121387009","content":"认证","answer":0,"chooseValue":"C"},{"id":"794930974025601025","questionId":"794930972121387009","content":"报文摘要","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930761701543937","title":"在网络安全防护中,( )注重对网络安全状况的监管,通过监视网络或系统资源,寻找违反安全策略的行为或攻击迹象,并发出报警。","analyze":"<p>入侵检测与防护技术主要有两种:入侵检测系统和入侵防护系统。</p><p>入侵检测系统(IDS)注重的是网络安全状况的监管,通过监视网络或系统资源,寻找违反安全策略的行为或攻击迹象,并发出报警,属于被动防护。</p><p>入侵防护系统(IPS)则倾向于提供主动防护,注重对入侵行为的控制。其设计宗旨是预先对入侵活动和攻击性网络流量进行拦截,避免造成损失。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930763584786433"],"itemList":[{"id":"794930763551232001","questionId":"794930761701543937","content":"防火墙","answer":0,"chooseValue":"A"},{"id":"794930763568009217","questionId":"794930761701543937","content":"蜜罐技术","answer":0,"chooseValue":"B"},{"id":"794930763584786433","questionId":"794930761701543937","content":"入侵检测系统","answer":1,"chooseValue":"C"},{"id":"794930763601563649","questionId":"794930761701543937","content":"入侵防护系统","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930929356263425","title":"<p>确保计算机系统机密性的方法不包括 (30) 。</p>","analyze":"<p>加密、认证和授权均可用于确保计算机系统机密性。而数字签名用于保证发送方不可抵赖,但不能确保系统机密性。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930931243700225"],"itemList":[{"id":"794930931197562881","questionId":"794930929356263425","content":"加密","answer":0,"chooseValue":"A"},{"id":"794930931214340097","questionId":"794930929356263425","content":"认证","answer":0,"chooseValue":"B"},{"id":"794930931226923009","questionId":"794930929356263425","content":"授权","answer":0,"chooseValue":"C"},{"id":"794930931243700225","questionId":"794930929356263425","content":"数字签名","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930719003529217","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">( &nbsp;</span><span style=\"font-family:宋体\">)</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">不是蠕虫病毒。</span></span></p><p class=\"MsoNormal\" style=\"text-indent:20.7000pt;\"><br/></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">熊猫烧香是一种经过多次变种的计算机蠕虫病毒,</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">2006</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">年</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">10</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">月</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">16</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">日由</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">25</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">岁的中国湖北武汉新洲区人李俊编写,</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">2007</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">年</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">1</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">月初肆虐中国大陆网络,它主要透过网络下载的文件植入计算机系统。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: Courier; font-size: 10.5pt;\">“</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">红色代码</span></span><span style=\"font-family: &quot;Courier New&quot;; font-size: 10.5pt;\">”</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">病毒是一种新型网络病毒,其传播所使用的技术可以充分体现网络时代网络安全与病毒的巧妙结合,将网络蠕虫、计算机病毒、木马程序合为一体,开创了网络病毒传播的新路,可称之为划时代的病毒。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: Courier; font-size: 10.5pt;\">“</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">冰河</span></span><span style=\"font-family: &quot;Courier New&quot;; font-size: 10.5pt;\">”</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">木马病毒是国人编写的一种黑客性质的病毒,感染该病毒之后,黑客就可以通过网络远程控制该电脑。主要用于远程监控。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: Courier; font-size: 10.5pt;\">“</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">爱虫</span></span><span style=\"font-family: &quot;Courier New&quot;; font-size: 10.5pt;\">”</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">病毒,是一种蠕虫病毒,这个病毒可以改写本地及网络硬盘上面的某些文件。用户机器染毒以后,邮件系统将会变慢,并可能导致整个网络系统崩溃。</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: Courier; font-size: 10.5pt;\">C</span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930720907743233"],"itemList":[{"id":"794930720861605889","questionId":"794930719003529217","content":"熊猫烧香","answer":0,"chooseValue":"A"},{"id":"794930720886771713","questionId":"794930719003529217","content":"红色代码","answer":0,"chooseValue":"B"},{"id":"794930720907743233","questionId":"794930719003529217","content":"冰河","answer":1,"chooseValue":"C"},{"id":"794930720932909057","questionId":"794930719003529217","content":"爱虫病毒","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930663659687937","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">4G移动通信标准TD-LTE与LTE FDD的区别是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>69)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">4G移动通信标准TD-LTE(即TDD-LTE).与FDD-LTE的主要区别是划分上下行信道的方式不同,前者用时分多路方式,而后者用频分多路方式。其他方面大同小异。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">(69)</span><span style=\"font-family: 宋体; font-size: 10.5pt;\">B</span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930665551319041"],"itemList":[{"id":"794930665534541825","questionId":"794930663659687937","content":"频率的利用方式不同","answer":0,"chooseValue":"A"},{"id":"794930665551319041","questionId":"794930663659687937","content":"划分上下行信道的方式不同","answer":1,"chooseValue":"B"},{"id":"794930665568096257","questionId":"794930663659687937","content":"采用的调制方式有区别","answer":0,"chooseValue":"C"},{"id":"794930665584873473","questionId":"794930663659687937","content":"拥有专利技术的厂家不同","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930646513373185","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">信息系统安全可划分为物理安全、网络安全、系统安全和应用安全,</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>9)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">属于应用安全。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">机房安全属于物理安全,入侵检测属于网络安全,漏洞补丁管理属于系统安全,而数据库安全则是应用安全。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">&nbsp;</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(9)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">&nbsp;D</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930648430170113"],"itemList":[{"id":"794930648375644161","questionId":"794930646513373185","content":"机房安生","answer":0,"chooseValue":"A"},{"id":"794930648396615681","questionId":"794930646513373185","content":"入侵检测","answer":0,"chooseValue":"B"},{"id":"794930648413392897","questionId":"794930646513373185","content":"漏洞补丁管理","answer":0,"chooseValue":"C"},{"id":"794930648430170113","questionId":"794930646513373185","content":"数据库安全","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930672299954177","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">防火墙的工作层次是决定防火墙效率及安全的主要因素,下面的叙述中正确的是</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>7)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 21pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">防火墙的性能及特点主要由以下两方面所决定:</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">①工作层次,这是决定防火墙效率及安全的主要因素。一般来说,工作层次越低,则工作效率越高,但安全性就低了;反之,工作层次越高,工作效率越低,则安全性越高。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">②防火墙采用的机制,如果采用代理机制,则防火墙具有内部信息隐藏的特点,相对而言,安全性高,效率低;如果采用过滤机制,则效率高,安全性却降低了。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">D</span><strong><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></strong></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930674271277057"],"itemList":[{"id":"794930674216751105","questionId":"794930672299954177","content":"防火墙工作层次越低,则工作效率越高,同时安全性越高","answer":0,"chooseValue":"A"},{"id":"794930674233528321","questionId":"794930672299954177","content":"防火墙工作层次越低,则工作效率越低,同时安全性越低","answer":0,"chooseValue":"B"},{"id":"794930674254499841","questionId":"794930672299954177","content":"防火墙工作层次越高,则工作效率越高,同时安全性越低","answer":0,"chooseValue":"C"},{"id":"794930674271277057","questionId":"794930672299954177","content":"防火墙工作层次越高,则工作效率越低,同时安全性越高","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930680906665985","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">在地面上相距</span>2000公里的两地之间利用电缆传输4000比特长的数据包,数据速率为64kb/s,从开始发送到接收完成需要的时间为(64)。</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 31.05pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">一个数据包从开始发送到接收完成的时间包含发送时间</span>tf和传播延迟时间tp两部</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">:电信号传播速度为</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">200km/ms,</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">对电缆信道:</span>tp=2000km/(200km/ms)= 10ms,tf=4000b/64000b/s=62.5ms,tp+tf=72.5ms</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">(</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\">64)D</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930683175784449"],"itemList":[{"id":"794930682789908481","questionId":"794930680906665985","content":"48ms","answer":0,"chooseValue":"A"},{"id":"794930682857017345","questionId":"794930680906665985","content":"640ms","answer":0,"chooseValue":"B"},{"id":"794930683104481281","questionId":"794930680906665985","content":"62.5ms","answer":0,"chooseValue":"C"},{"id":"794930683175784449","questionId":"794930680906665985","content":"72.5ms","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930655187193857","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">所列出的</span>4个IPv6地址中,无效的地址是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>66)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">试题解析:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">无效的</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">IPv6</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">地址是</span>B.2001:3452:4955:2367::,最后一对冒号的写法是错误的。其他3种写法都正确,::192:168:0:1是一个IPv4地址,2002:c0a8:101::43中的双冒号表示4个双字节,2003:dead:beef:4dad:23:34:bb:101是完整的IPv6地址。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(66)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">B</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930657057853441"],"itemList":[{"id":"794930657041076225","questionId":"794930655187193857","content":"::192:168:0:1","answer":0,"chooseValue":"A"},{"id":"794930657057853441","questionId":"794930655187193857","content":":2001:3452:4955:2367::","answer":1,"chooseValue":"B"},{"id":"794930657074630657","questionId":"794930655187193857","content":"2002:c0a8:101::43","answer":0,"chooseValue":"C"},{"id":"794930657087213569","questionId":"794930655187193857","content":"2003:dead:beef:4dad:23:34:bb:101","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930827422093313","title":"在层次化网络设计方案中,通常在 (67)实现网络的访问策略控制。","analyze":"<p>在分层设计中,引入了三个关键层的概念:核心层、汇聚层和接入层。</p><p>通常将网络中直接面向用户连接或访问网络的部分称为接入层,将位于接入层和核心层之间的部分称为分布层或汇聚层。目的是允许终端用户连接到网络,主要解决相邻用户之间的互访需求,并且为这些访问提供足够的带宽,接入层还应当适当负责一些用户管理功能(如地址认证、用户认证、计费管理等),以及用户信息收集工作(如用户的IP地址、MAC地址、访问日志等)。</p><p>汇聚层是核心层和接入层的分界面,完成网络访问策略控制、数据包处理、过滤、寻址,以及其他数据处理的任务。汇聚层交换机是多台接入层交换机的汇聚点,它必须能够处理来自接入层设备的所有通信量,并提供到核心层的上行链路,因此,汇聚层交换机与接入层交换机比较,需要更高的性能、更少的接口和更高的交换速率。</p><p>网络主干部分称为核心层,核心层的主要目的在于通过高速转发通信,提供优化、可靠的骨干传输结构,因此,核心层交换机应拥有更高的可靠性,性能和吞吐量。核心层为网络提供了骨干组件或高速交换组件,在纯粹的分层设计中,核心层只完成数据交换的特殊任务。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930829389221889"],"itemList":[{"id":"794930829347278849","questionId":"794930827422093313","content":"应用层","answer":0,"chooseValue":"A"},{"id":"794930829368250369","questionId":"794930827422093313","content":"接入层","answer":0,"chooseValue":"B"},{"id":"794930829389221889","questionId":"794930827422093313","content":"汇聚层","answer":1,"chooseValue":"C"},{"id":"794930829405999105","questionId":"794930827422093313","content":"核心层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930960633188353","title":"网络地址转换(NAT)技术不能转换&nbsp;(23) 。","analyze":"<p>NAT技术包括3种类型:</p><p>(1)静态NAT(Static NAT):内部网络中的每个主机地址都被固定映射成外部网络中的某个合法的地址。</p><p>(2)动态地址NAT(Pooled NAT):在外部网络中定义了一系列的合法地址,采用动态分配的方法映射到内部网络地址。</p><p>(3)网络地址端口转换(Port-Level NAT):把内部地址映射到外部网络的一个IP地址的不同端口上。</p><p>至于IP地址转换为MAC地址,是ARP协议的职责。</p><p>参考答案:D</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930962675814401"],"itemList":[{"id":"794930962466099201","questionId":"794930960633188353","content":"局域网IP到外网IP","answer":0,"chooseValue":"A"},{"id":"794930962478682113","questionId":"794930960633188353","content":"外网IP到局域网IP","answer":0,"chooseValue":"B"},{"id":"794930962608705537","questionId":"794930960633188353","content":"外网端口到局域网端口","answer":0,"chooseValue":"C"},{"id":"794930962675814401","questionId":"794930960633188353","content":"IP地址到MAC地址","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930767409991681","title":"OSI(Open System Interconneetion)安全体系方案X.800将安全性攻击分为2类,即被动攻击和主动攻击。主动攻击包括篡改数据流或伪造数据流,这种攻击试图改变系统资源或影响系统运行。下列攻击方式中不属于主动攻击的为()。","analyze":"<p>被动攻击是对信息的保密性进行攻击,即通过窃听网络上传输的信息并加以分析从而获得有价值的情报,但它并不修改信息的内容。它的目标是获得正在传送的信息,其特点是偷听或监视信息的传递。被动攻击只对信息进行监听,不对其进行修改。被动攻击包括信息内容泄露和业务流分析2大类,具体如下。</p><p>(1)窃听:信息在通信过程中因被监视窃听而泄露;</p><p>(2)电磁或射频截获:信息从电子或机电设备所发出的无线电磁波中被提取出来;</p><p>(3)业务流分析:通过观察通信业务流模式,使非授权实体(人或系统)获得信息等。主动攻击是攻击信息来源的真实性、信息传输的完整性和系统服务的可用性,有意对信息进行修改、插入和删除。主要包括如下内容。</p><p>(1)截获或修改:某一通信数据在传输过程中被改变、插入和替代;</p><p>(2)重放:把所截获的某次合法通信数据复制,出于非法目的重新发送;</p><p>(3)伪装:某个实体假装成另一个实体,并获取该实体的权限;</p><p>(4)非法使用:某一资源被某个非授权实体或以某一非授权方式使用;</p><p>(5)服务拒绝:攻击者通过对系统进行非法的和根本无法成功的访问尝试而产生过量的负荷,使合法用户的访问无条件地被阻止;</p><p>(6)特洛伊木马:含有一个觉察不出或无害程序段的软件,当它被运行时,却能危害系统的安全;</p><p>(7)陷门:在某个系统或其部件中设置“机关”,使在提供特定的输入数据时发生违反安全策略的操作等。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930769297428481"],"itemList":[{"id":"794930769280651265","questionId":"794930767409991681","content":"伪装","answer":0,"chooseValue":"A"},{"id":"794930769297428481","questionId":"794930767409991681","content":"消息泄漏","answer":1,"chooseValue":"B"},{"id":"794930769314205697","questionId":"794930767409991681","content":"重放","answer":0,"chooseValue":"C"},{"id":"794930769335177217","questionId":"794930767409991681","content":"拒绝服务","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930793230127105","title":"如果要清除上网痕迹,必须 ( )。","analyze":"ActiveX是微软一系列策略性面向对象程序技术和工具,其中主要的技术是组件对象模型。ActiveX是微软为抗衡Sun Microsystems的java技术而提出的,其功能和java applet功能类似。ActiveX控件的使用并不保留上网痕迹。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930795125952513"],"itemList":[{"id":"794930795092398081","questionId":"794930793230127105","content":"禁用ActiveX控件","answer":0,"chooseValue":"A"},{"id":"794930795104980993","questionId":"794930793230127105","content":"查杀病毒","answer":0,"chooseValue":"B"},{"id":"794930795125952513","questionId":"794930793230127105","content":"清除Cookie","answer":1,"chooseValue":"C"},{"id":"794930795142729729","questionId":"794930793230127105","content":"禁用脚本","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930883726430209","title":"<p>安全电子邮件协议PGP不支持()。</p>","analyze":"<p>安全电子邮件协议PGP(Pretty Good Privacy)在电子邮件安全实施中被广泛采用,PGP通过单向散列算法对邮件内容进行签名,以保证信件内容无法被修改,使用公钥和私钥技术保证邮件内容保密且不可否认。发信人与收信人的公钥都保存在公开的地方,公钥的权威性则可以由第三方进行签名认证。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930885597089793"],"itemList":[{"id":"794930885597089793","questionId":"794930883726430209","content":"压缩电子邮件","answer":1,"chooseValue":"A"},{"id":"794930885626449921","questionId":"794930883726430209","content":"确认电子邮件未被修改","answer":0,"chooseValue":"B"},{"id":"794930885651615745","questionId":"794930883726430209","content":"防止非授权者阅读电子邮件","answer":0,"chooseValue":"C"},{"id":"794930885680975873","questionId":"794930883726430209","content":"确认发送者的身份","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930643594137601","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">信息系统安全可划分为物理安全、网络安全、系统安全和应用安全,</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>8)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">属于系统安全。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">机房安全属于物理安全,入侵检测属于网络安全,漏洞补丁管理属于系统安全,而数据库安全则是应用安全。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">8)</span><span style=\"font-family: 宋体; font-size: 10.5pt;\">C</span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930645578043393"],"itemList":[{"id":"794930645531906049","questionId":"794930643594137601","content":"机房安全","answer":0,"chooseValue":"A"},{"id":"794930645552877569","questionId":"794930643594137601","content":"入侵检测","answer":0,"chooseValue":"B"},{"id":"794930645578043393","questionId":"794930643594137601","content":"漏洞补丁管理","answer":1,"chooseValue":"C"},{"id":"794930645594820609","questionId":"794930643594137601","content":"数据库安全","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930807624978433","title":"<p>路由协议称为内部网关协议,自治系统之间的协议称为外部网关协议,以下属于外部网关协议的是(58)。</p>","analyze":"<p>内部网关协议IGP,是在自治网络系统内部主机和路由器间交换路由信息使用的协议,常用的有开放最短路径优先协议OSPF、路由信息协议RIP等。外部网关协议EGP,是可以在自治网络系统的相邻两个网关主机间交换路由信息的协议。边界网关协议BGP 构建在 EGP 的经验之上,能和其他的 BGP 系统交换网络可达信息。用户数据报协议UDP属于TCP/IP传输层协议,可以使应用程序发送数据包时,无需事先建立连接。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930809533386753"],"itemList":[{"id":"794930809487249409","questionId":"794930807624978433","content":"RIP","answer":0,"chooseValue":"A"},{"id":"794930809508220929","questionId":"794930807624978433","content":"OSPF","answer":0,"chooseValue":"B"},{"id":"794930809533386753","questionId":"794930807624978433","content":"BGP","answer":1,"chooseValue":"C"},{"id":"794930809554358273","questionId":"794930807624978433","content":"UDP","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930872435363841","title":"下面关于交换机的说法中,正确的是( )。 &nbsp;","analyze":"<p>现代以太网中,更多地使用交换机代替了网桥,只有在简单的小型网络中才用微机软件实现网桥功能。以太网交换机也是一种数据链路层设备,除传统的网桥功能之外,交换机吧共享介质变成了专用链路,使得网络的有效数据速率大大提高。集线器把节点集中在以它为中心的节点上,在网络中只起到信号发送和放大分发的作用,实际上就是一个中继器。由于集线器采用CDMA/CD介质访问控制方式,当一个节点发送数据时,与集线器相连的所有节点都可能接收到数据,因此通过集线器连接的一组工作站形成了一个冲突域。可见选项C是错误的。</p><p>以太网交换机改变了“共享介质”的工作方式,支持多个端口节点间的并发连接,实现多个节点之间数据的并发传输,选项D是错误的。</p><p>交换机主要用来实现多个局域网的互联,但是交换机工作在数据链路层,互联的局域网的物理层和数据链路层可以运行不同的协议,而数据链路层以上的高层必须采用相同的协议。因此选项A是错误的。路由器是在网络层上实现多个网络互联的设备。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930874335383553"],"itemList":[{"id":"794930874310217729","questionId":"794930872435363841","content":"以太网交换机可以连接运行不同网络层协议的网络","answer":0,"chooseValue":"A"},{"id":"794930874335383553","questionId":"794930872435363841","content":"从工作原理上讲,以太网交换机是一种多端口网桥","answer":1,"chooseValue":"B"},{"id":"794930874360549377","questionId":"794930872435363841","content":"集线器是一种特殊的交换机","answer":0,"chooseValue":"C"},{"id":"794930874385715201","questionId":"794930872435363841","content":"通过交换机连接的一组工作站形成一个冲突域","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930963619532801","title":"<p>建立TCP连接时,发起端收到SYN-ACK信号后所处的状态为&nbsp;(25) 。</p>","analyze":"<p>TCP连接建立时,发起端发送一个SYN信号,并进入SYN-SENT状态;接收端回复一个SYN-ACK信号,进入SYN-RCVD状态;发起端收到该信号即进入连接状态ESTABLISHED,并再发送一个ACK信号,接收端收到该信号之后也进入连接状态。以上即TCP连接建立的三次握手。</p><p>参考答案:B</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930965519552513"],"itemList":[{"id":"794930965477609473","questionId":"794930963619532801","content":"SYN SENT","answer":0,"chooseValue":"A"},{"id":"794930965519552513","questionId":"794930963619532801","content":"ESTABLISHED","answer":1,"chooseValue":"B"},{"id":"794930965548912641","questionId":"794930963619532801","content":"CLOSE-WAIT","answer":0,"chooseValue":"C"},{"id":"794930965586661377","questionId":"794930963619532801","content":"LAST-ACK","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930937883283457","title":"<p>关于网络安全防御技术的描述,不正确的是()。</p>","analyze":"<p>【试题分析】防火墙是一种较早使用、实用性很强的网络安全防御技术,它阻挡对网络的非法访问和不安全数据的传递,使得本地系统和网络免于受到许多网络安全威胁。在网络安全中,防火墙主要用于逻辑隔离外部网络与受保护的内部网络。防火墙主要是实现网络安全的安全策略,而这种策略是预先定义好的,所以是一种静态安全技术。在策略中涉及的网络访问行为可以实施有效管理,而策略之外的网络访问行为则无法控制。防火墙的安全策略由安全规则表示。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930939737165825"],"itemList":[{"id":"794930939737165825","questionId":"794930937883283457","content":"防火墙主要是实现网络安全的安全策略,可以对策略中涉及的网络访问行为实施有效管理,也可以对策略之外的网络访问行为进行控制","answer":1,"chooseValue":"A"},{"id":"794930939762331649","questionId":"794930937883283457","content":"入侵检测系统注重的是网络安全状况的监督,绝大多数IDS系统都是被动的","answer":0,"chooseValue":"B"},{"id":"794930939787497473","questionId":"794930937883283457","content":"蜜罐技术是一种主动防御技术,是一个“诱捕”攻击者的陷阱","answer":0,"chooseValue":"C"},{"id":"794930939808468993","questionId":"794930937883283457","content":"虚拟专业网络实在公网中建立专用的、安全的数据通信通道","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930796233248769","title":"MD5是一种 ( &nbsp;)算法。","analyze":"MD5的全称是Message-digest Algorithm5,是计算机安全领域广泛使用的一种散列函数,用以提供消息的完整性保护。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930798112296961"],"itemList":[{"id":"794930798078742529","questionId":"794930796233248769","content":"共享密钥","answer":0,"chooseValue":"A"},{"id":"794930798095519745","questionId":"794930796233248769","content":"公开密钥","answer":0,"chooseValue":"B"},{"id":"794930798112296961","questionId":"794930796233248769","content":"报文摘要","answer":1,"chooseValue":"C"},{"id":"794930798133268481","questionId":"794930796233248769","content":"访问控制","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930775970566145","title":"如果使用大量的连接请求攻击计算机,使得所有可用的系统资源都被消耗殆尽,最终计算机无法再处理合法用户的请求,这种手段属于()攻击。","analyze":"<p>网络攻击的主要手段包括口令入侵、放置特洛伊木马程序、拒绝服务(DoS)攻击、端口扫描、网络监听、欺骗攻击和电子邮件攻击等。</p><p>口令入侵是指使用某些合法用户的账号和口令登录到目的主机,然后再实施攻击活动。</p><p>特洛伊木马(Trojans)程序常被伪装成工具程序或游戏,一旦用户打开了带有特洛伊木马程序的邮件附件,或从网上直接下载,或执行了这些程序之后,当用户连接到互联网上时,这个程序就会将用户的IP地址及被预先设定的端口通知黑客。</p><p>拒绝服务(DoS)攻击目的是使计算机或网络无法提供正常的服务。最常见的拒绝服务攻击有网络带宽攻击和连通性攻击。带宽攻击指以极大的通信量冲击网络,使得所有可用网络资源都被消耗殆尽,最后导致合法的用户请求无法通过。连通性攻击是指用大量的连接请求冲击计算机,使得所有可用的操作系统资源都被消耗殆尽,最终计算机无法再处理合法用户的请求。</p><p>端口扫描就是利用Socket编程与目标主机的某些端口建立TCP连接、进行传输协议的验证等,从而侦知目标主机的扫描端口是否处于激活状态、主机提供了哪些服务、提供的服务中是否含有某些缺陷等。</p><p>网络监听是主机的一种工作模式,在这种模式下,主机可以接收到本网段在同一条物理通道上传输的所有信息。使用网络监听工具可轻而易举地截取包括口令和账号在内的信息资料。</p><p>欺骗攻击是攻击者创造一个易于误解的上下文环境,以诱使受攻击者进入并且做出缺乏安全考虑的决策。IP欺骗是欺骗攻击的一种,IP欺骗的实现过程是:使得被信任的主机丧失工作能力,同时采样目标主机发出的TCP序列号,猜测出它的数据序列号。然后,伪装成被信任的主机,同时建立起与目标主机基于地址验证的应用连接。如果成功,黑客可以使用一种简单的命令放置一个系统后门,以进行非授权操作。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930777832837121"],"itemList":[{"id":"794930777832837121","questionId":"794930775970566145","content":"拒绝服务","answer":1,"chooseValue":"A"},{"id":"794930777849614337","questionId":"794930775970566145","content":"口令入侵","answer":0,"chooseValue":"B"},{"id":"794930777870585857","questionId":"794930775970566145","content":"网络监听","answer":0,"chooseValue":"C"},{"id":"794930777887363073","questionId":"794930775970566145","content":"IP欺骗","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930758874583041","title":"信息系统安全技术中,关于信息认证、加密、数字签名的描述,正确的是 ( ) 。","analyze":"<p>(1)认证总是基于某种收发双方共享的保密数据来认证被鉴别对象的真实性,而数字签名中用于验证签名的数据是公开的。</p><p>(2)认证允许收发双方互相验证其真实性,不准许第三者验证,而数字签名允许收发双方和第三者都能验证。</p><p>(3)数字签名具有发送方不能抵赖、接收方不能伪造和具有在公证人前解决纠纷的能力,而认证则不一定具备。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930760728465409"],"itemList":[{"id":"794930760728465409","questionId":"794930758874583041","content":"数字签名具备发送方不能抵赖、接收方不能伪造的能力","answer":1,"chooseValue":"A"},{"id":"794930760749436929","questionId":"794930758874583041","content":"数字签名允许收发双方互相验证其真实性,不准许第三方验证","answer":0,"chooseValue":"B"},{"id":"794930760766214145","questionId":"794930758874583041","content":"认证允许收发双方和第三方验证","answer":0,"chooseValue":"C"},{"id":"794930760787185665","questionId":"794930758874583041","content":"认证中用来鉴别对象真实性的数据是公开的","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930801874587649","title":"下面关于交换机的说法中,正确的是 ( &nbsp;)。","analyze":"<p>现代以太网中,更多地使用交换机代替了网桥,只有在简单的小型网络中才用微机软件实现网桥功能。以太网交换机也是一种数据链路层设备,除传统的网桥功能之外,交换机吧共享介质变成了专用链路,使得网络的有效数据速率大大提高。集线器把节点集中在以它为中心的节点上,在网络中只起到信号发送和放大分发的作用,实际上就是一个中继器。由于集线器采用CDMA/CD介质访问控制方式,当一个节点发送数据时,与集线器相连的所有节点都可能接收到数据,因此通过集线器连接的一组工作站形成了一个冲突域。可见选项C是错误的。</p><p>以太网交换机改变了“共享介质”的工作方式,支持多个端口节点间的并发连接,实现多个节点之间数据的并发传输,选项D是错误的。</p><p>交换机主要用来实现多个局域网的互联,但是交换机工作在数据链路层,互联的局域网的物理层和数据链路层可以运行不同的协议,而数据链路层以上的高层必须采用相同的协议。因此选项A是错误的。路由器是在网络层上实现多个网络互联的设备。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930803762024449"],"itemList":[{"id":"794930803745247233","questionId":"794930801874587649","content":"以太网交换机可以连接运行不同网络层协议的网络","answer":0,"chooseValue":"A"},{"id":"794930803762024449","questionId":"794930801874587649","content":"从工作原理上讲,以太网交换机是一种多端口网桥","answer":1,"chooseValue":"B"},{"id":"794930803778801665","questionId":"794930801874587649","content":"集线器是一种特殊的交换机","answer":0,"chooseValue":"C"},{"id":"794930803799773185","questionId":"794930801874587649","content":"通过交换机连接的一组工作站形成一个冲突域","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930935085682689","title":"<p>以下 (32) 属于在无线加密技术WPA2中采用的加密算法。</p>","analyze":"<p>RSA是一种非对称加密算法。</p><p>安全套接层(SSL)协议是一个安全传输、保证数据完整的安全协议,处于应用层和传输层之间。</p><p>AES和DES是对称加密算法。</p><p>WEP协议和WPA协议用于在无线网络接入中提供加密方案,底层采用的是RC4对称加密算法。</p><p>WPA2协议提升了安全性,底层采用的是AES对称加密算法。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930936964730881"],"itemList":[{"id":"794930936926982145","questionId":"794930935085682689","content":"RSA","answer":0,"chooseValue":"A"},{"id":"794930936947953665","questionId":"794930935085682689","content":"SSL","answer":0,"chooseValue":"B"},{"id":"794930936964730881","questionId":"794930935085682689","content":"AES","answer":1,"chooseValue":"C"},{"id":"794930936985702401","questionId":"794930935085682689","content":"DES","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930918023254017","title":"<p>某校园网的地址是202.115.192.0/20, 要把该网络分成32个子网,则子网掩码该是 (26) 。</p>","analyze":"<p>原网络位有20位,需要划分成<img style=\"max-width:100%;height:auto\"  src=\"https://image.chaiding.com/ruankao/9ec6eab30798174ff6ab98fd7d94ec72.png?x-oss-process=style/ruankaodaren\" title=\"9ec6eab30798174ff6ab98fd7d94ec72.png\" alt=\"image.png\"/>=32个子网,则需要增加5位,划分子网后的网络位长度=原网络位+子网位=20+5=25位,则子网掩码是十六进制的FF.FF.FF.80,即十进制的255.255.255.128。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930919931662337"],"itemList":[{"id":"794930919877136385","questionId":"794930918023254017","content":"255.255.200.0","answer":0,"chooseValue":"A"},{"id":"794930919898107905","questionId":"794930918023254017","content":"255.255.224.0","answer":0,"chooseValue":"B"},{"id":"794930919910690817","questionId":"794930918023254017","content":"255.255.254.0","answer":0,"chooseValue":"C"},{"id":"794930919931662337","questionId":"794930918023254017","content":"255.255.255.128","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930652205043713","title":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">使用</span>netstat-o命令可</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>65)</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","analyze":"<p><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">试题解析:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">Netstat命令用于显示TCP连接。Netstat命令的语法如下:</span><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">netstat[-a][-e][-n][-o][-pProtocol][-r][-s][Interval]</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">对以上参数解释如下。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-a:显示所有活动的TCP连接,以及正在监听的TCP和UDP端口。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-e:显示以太网统计信息,例如发送和接收的字节数,以及出错的次数等。这个参数可以与-s参数联合使用。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-n:显示活动的TCP连接,地址和端口号以数字形式表示。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-o:显示活动的TCP连接以及每个连接对应的进程在Windows任务管理器中可以找到与进程ID对应的应用。这个参数可以与-a、-n和-p联合使用。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-p:Protoco/用标识符Protocol指定要显示的协议,可以是TCP、UDP、TCPv6或者UDPv6。如果与参数-s联合使用,则可以显示协议TCP、UDP、ICMP、IP、TCPv6、UDPv6、ICMPv6或IPv6的统计数据。u2003</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-s:显示每个协议的统计数据。默认情况下,统计TCP、UDP、ICMP和IP协议发送和接收的数据包、出错的数据包、连接成功或失败的次数等。如果与-p参数联合使用,可以指定要显示统计数据的协议。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•-r:显示IP路由表的内容,其作用等价于路由打印命令routeprint。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">•Interval:说明重新显示信息的时间间隔,键入Ctrl+C则停止显示。如果不使用这个参数,则只显示一次。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(65)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">D</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930654264446977"],"itemList":[{"id":"794930654142812161","questionId":"794930652205043713","content":"显示所测试网络的IP、ICMP、TCP、UDP协议的统计信息","answer":0,"chooseValue":"A"},{"id":"794930654188949505","questionId":"794930652205043713","content":"显示以太网统计信息","answer":0,"chooseValue":"B"},{"id":"794930654230892545","questionId":"794930652205043713","content":"以数字格式显示所有连接、地址及端口","answer":0,"chooseValue":"C"},{"id":"794930654264446977","questionId":"794930652205043713","content":"显示每个连接的进程ID","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930660828532737","title":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">如果在网络的入口处通过设置</span>ACL封锁了TCP和UDP端口21、23和25,则能够访问该网络的应用是</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>68)</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">试题解析:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">由于</span>TCP和UDP端口21、23和25被封锁,它们分别是FTP、Telnet和SMTP的端口号,所以只有DNS应用可以访问该网络。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(68)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">B</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930662703386625"],"itemList":[{"id":"794930662690803713","questionId":"794930660828532737","content":"FTP","answer":0,"chooseValue":"A"},{"id":"794930662703386625","questionId":"794930660828532737","content":"DNS","answer":1,"chooseValue":"B"},{"id":"794930662724358145","questionId":"794930660828532737","content":"SMTP","answer":0,"chooseValue":"C"},{"id":"794930662741135361","questionId":"794930660828532737","content":"Telnet","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930824607715329","title":"关于FTP和TFTP的描述,正确的是(66)。","analyze":"FTP(File Transfer Protocol,文件传输协议)是TCP/IP的—种具体应用,它工作在OSI模型的第7层。TCP模型的第4层上,即应用层,使用TCP传输,FTP连接是可靠的,而且是面向连接,为数据的传输提供了可靠的保证。 TFTP(Trivial File Transfer Protocol,简单文件传送协议)的功能与FTP类似,但是为了保持简单和短小,TFTP使用UDP协议。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930826495152129"],"itemList":[{"id":"794930826461597697","questionId":"794930824607715329","content":"FTP和TFTP都是基于TCP协议","answer":0,"chooseValue":"A"},{"id":"794930826478374913","questionId":"794930824607715329","content":"FTP和TFTP都是基于UDP协议","answer":0,"chooseValue":"B"},{"id":"794930826495152129","questionId":"794930824607715329","content":"FTP基于TCP协议、TFTP基于UDP协议","answer":1,"chooseValue":"C"},{"id":"794930826511929345","questionId":"794930824607715329","content":"FTP基于UDP协议、TFTP基于TCP","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930764511727617","title":"<p>配置SMTP服务器时,邮件服务器中默认开放TCP的&nbsp;(24)&nbsp;端口。</p><p><br/></p>","analyze":"<p>SMTP(Simple Mail Transfer Protocol,简单邮件传输协议)是一组用于从源地址到目的地址传送邮件的规则,并且控制信件的中转路由方式。SMTP使用TCP端口25。</p><p>参考答案:B</p><p><br/></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930766424330241"],"itemList":[{"id":"794930766378192897","questionId":"794930764511727617","content":"21","answer":0,"chooseValue":"A"},{"id":"794930766424330241","questionId":"794930764511727617","content":"25","answer":1,"chooseValue":"B"},{"id":"794930766462078977","questionId":"794930764511727617","content":"53","answer":0,"chooseValue":"C"},{"id":"794930766495633409","questionId":"794930764511727617","content":"110","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930957802033153","title":"根据统计显示,80%的网络攻击源于内部网络,因此,必须加强对内部网络的安全控制和防护。下面的措施中,无助于提高同一局域网内安全性的措施是()。","analyze":"防火墙对内部发生的攻击事件无能为力。","multi":0,"questionType":1,"answer":"D","chooseItem":["794930959727218689"],"itemList":[{"id":"794930959672692737","questionId":"794930957802033153","content":"使用防病毒软件","answer":0,"chooseValue":"A"},{"id":"794930959689469953","questionId":"794930957802033153","content":"使用日志审计系统","answer":0,"chooseValue":"B"},{"id":"794930959706247169","questionId":"794930957802033153","content":"使用入侵检测系统","answer":0,"chooseValue":"C"},{"id":"794930959727218689","questionId":"794930957802033153","content":"使用防火墙防止内部攻击","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930756056010753","title":"数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密,接收方用发送方的公钥验证真伪。生成消息摘要的目的是( ),对摘要进行加密的目的是(请作答此空)。","analyze":"<p>报文摘要用于为发送的报文生成一个非常小的摘要信息,这个摘要信息保证原报文的完整性,原报文只要有一位被改变,则摘要信息就会不匹配。</p><p>用私钥对摘要加密不仅保证了摘要的私密性,还可以防止抵赖,因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930757918281729"],"itemList":[{"id":"794930757901504513","questionId":"794930756056010753","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930757918281729","questionId":"794930756056010753","content":"防止抵赖","answer":1,"chooseValue":"B"},{"id":"794930757935058945","questionId":"794930756056010753","content":"防止篡改","answer":0,"chooseValue":"C"},{"id":"794930757947641857","questionId":"794930756056010753","content":"防止重放","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930704617066497","title":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;mso-ascii-font-family:Calibri;mso-hansi-font-family:Calibri;mso-bidi-font-family:&#39;Times New Roman&#39;;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">下列攻击行为中,属于典型被动攻击的是(</span>&nbsp;&nbsp;</span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;mso-ascii-font-family:Calibri;mso-hansi-font-family:Calibri;mso-bidi-font-family:&#39;Times New Roman&#39;;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">)。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">显然选项</span>ABD<span style=\"font-family:宋体\">都属于主动攻击。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">C</span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930706605166593"],"itemList":[{"id":"794930706533863425","questionId":"794930704617066497","content":"拒绝服务攻击","answer":0,"chooseValue":"A"},{"id":"794930706571612161","questionId":"794930704617066497","content":"会话拦截","answer":0,"chooseValue":"B"},{"id":"794930706605166593","questionId":"794930704617066497","content":"系统干涉","answer":1,"chooseValue":"C"},{"id":"794930706638721025","questionId":"794930704617066497","content":"修改数据命令","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930721847267329","title":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent:20.7000pt;\"><span style=\"text-indent: 20.55pt; font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"text-indent: 20.55pt; font-family: Calibri; font-size: 10.5pt;\"><span style=\"font-family:宋体\">以下关于以太网的叙述中,不正确的是</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: Calibri; font-size: 10.5pt;\"><span style=\"font-family:宋体\">( &nbsp;&nbsp;</span></span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: Calibri; font-size: 10.5pt;\"><span style=\"font-family:宋体\">)</span></span></span><span style=\"text-indent: 20.55pt; font-family: 宋体; font-size: 10.5pt;\">&nbsp;</span><span style=\"text-indent: 20.55pt; font-family: Calibri; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #FFFFFF;\"><span style=\"font-family:宋体\">在传统共享以太网中,所有的节点共享传输介质,采用</span>CSMA/CD冲突检测的载波监听多路访问技术实现传输介质共享。以太网的最小帧长64Byte,最大帧长1518Byte,其中有效载荷(数据)46~1500Byte.</span><span style=\"font-family: 宋体; font-size: 10.5pt; background: #FFFFFF;\"></span></p><p class=\"MsoNormal\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 黑体; font-size: 10.5pt;\"><span style=\"font-family:黑体\">:</span></span><span style=\"font-family: 黑体; font-size: 10.5pt;\">D</span><span style=\"font-family: 黑体; font-size: 10.5pt;\">&nbsp; &nbsp;&nbsp;</span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930723772452865"],"itemList":[{"id":"794930723705344001","questionId":"794930721847267329","content":"采用了载波侦听技术","answer":0,"chooseValue":"A"},{"id":"794930723726315521","questionId":"794930721847267329","content":"具有冲突检测功能","answer":0,"chooseValue":"B"},{"id":"794930723751481345","questionId":"794930721847267329","content":"支持半双工和全双工模式","answer":0,"chooseValue":"C"},{"id":"794930723772452865","questionId":"794930721847267329","content":"以太网的帧长度固定","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930897991258113","title":"<p>据统计显示,80%的网络攻击源于内部网络,因此,必须加强对内部网络的安全控制和防护。下面的措施中,无助于提高同一局域网内安全性的措施是()。</p>","analyze":"<p>防火墙对内部发生的攻击事件无能为力。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930899874500609"],"itemList":[{"id":"794930899824168961","questionId":"794930897991258113","content":"使用防病毒软件","answer":0,"chooseValue":"A"},{"id":"794930899840946177","questionId":"794930897991258113","content":"使用日志审计系统","answer":0,"chooseValue":"B"},{"id":"794930899857723393","questionId":"794930897991258113","content":"使用入侵检测系统","answer":0,"chooseValue":"C"},{"id":"794930899874500609","questionId":"794930897991258113","content":"使用防火墙防止内部攻击","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930649352916993","title":"<p><br/></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">网络管理系统中故障管理的目标是</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>64)</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">。</span></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">试题解析:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">ISO/IEC7498-4文档定义了网络管理的相关知识,其中故障管理的目标应包括:故障监测、故障报警、故障信息管理、排错支持工具、检索/分析故障信息等内容。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:(</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">64)</span><span style=\"font-family: 宋体; font-size: 10.5pt;\">D</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930651273908225"],"itemList":[{"id":"794930651215187969","questionId":"794930649352916993","content":"自动排除故障","answer":0,"chooseValue":"A"},{"id":"794930651231965185","questionId":"794930649352916993","content":"优化网络性能","answer":0,"chooseValue":"B"},{"id":"794930651252936705","questionId":"794930649352916993","content":"提升网络安全","answer":0,"chooseValue":"C"},{"id":"794930651273908225","questionId":"794930649352916993","content":"自动监测故障","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930675189829633","title":"<p><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">在入侵检测系统中,事件分析器接收事件信息并对其进行分析,判断是否为入侵行为或异常现象,其常用的三种分析方法中不包括</span></span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>8)</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">。</span></span><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;line-height:150%;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"></span></p>","analyze":"<p><span style=\"font-family:宋体\">入侵检测系统由</span><span style=\"font-family: 宋体; font-size: 10.5pt; text-indent: 21pt;\">4个模块组成:事件产生器、事件分析器、事件数据库和响应单元。其中,事件分析器负责接收事件信息并对其进行分析,判断是否为入侵行为或异常现象,其分析方法有以下三种:①模式匹配:将收集到的信息与已知的网络入侵数据库进行比较,从而发现违背安全策略的行为;②统计分析:首先给系统对象(例如用户、文件、目录和设备等)建立正常使用时的特征文件(Profile),这些特征值将被用来与网络中发生的行为进行比较。当观察值超出正常值范围时,就认为有可能发生入侵行为;③数据完整性分析:主要关注文件或系统对象的属性是否被修改,这种方法往往用于事后的审计分析。</span><br/></p><p class=\"MsoNormal\" style=\"margin-left: 0pt; text-indent: 0pt; line-height: 150%;\"><span style=\"font-family: 宋体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:宋体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">B</span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930677089849345"],"itemList":[{"id":"794930677073072129","questionId":"794930675189829633","content":"模式匹配","answer":0,"chooseValue":"A"},{"id":"794930677089849345","questionId":"794930675189829633","content":"密文分析","answer":1,"chooseValue":"B"},{"id":"794930677102432257","questionId":"794930675189829633","content":"数据完整性分析","answer":0,"chooseValue":"C"},{"id":"794930677119209473","questionId":"794930675189829633","content":"统计分析","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930637122326529","title":"<p><br/></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">IEEE 802.1x是一种基于</span><span style=\"text-decoration:underline;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">(</span>6)</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">认证协议。</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 21pt; line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">IEEE802.1X协议实现基于端口(MAC地址(的访问控制。认证系统对连接到链路对端的请求者进行认证。一般在用户接入设备上实现802.1X认证。在认证通过之前,802.1X只允许EAPoL(基于局域网的扩展认证协议(数据通过设备连接的交换机端口;认证通过以后,正常的数据可以顺利地通过以太网端口。</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"line-height: 150%;\"><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"><span style=\"font-family:宋体\">参考答案:</span></span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">(6)</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\">C</span><span style=\"font-family: 宋体; line-height: 150%; font-size: 10.5pt;\"></span></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930639370473473"],"itemList":[{"id":"794930639332724737","questionId":"794930637122326529","content":"用户ID","answer":0,"chooseValue":"A"},{"id":"794930639349501953","questionId":"794930637122326529","content":"报文","answer":0,"chooseValue":"B"},{"id":"794930639370473473","questionId":"794930637122326529","content":"MAC地址","answer":1,"chooseValue":"C"},{"id":"794930639387250689","questionId":"794930637122326529","content":"SSID","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930701630722049","title":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"mso-spacerun:&#39;yes&#39;;font-family:宋体;mso-ascii-font-family:Calibri;mso-hansi-font-family:Calibri;mso-bidi-font-family:&#39;Times New Roman&#39;;font-size:10.5000pt;mso-font-kerning:1.0000pt;\"><span style=\"font-family:宋体\">与</span> HTTP <span style=\"font-family:宋体\">相比,</span><span style=\"font-family:Calibri\">HTTPS </span><span style=\"font-family:宋体\">协议对传输的内容进行加密,更加安全。</span><span style=\"font-family:Calibri\">HTTPS </span><span style=\"font-family:宋体\">基于</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">SSL</span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">安全协议,其默认端口是(&nbsp;</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\">&nbsp;<span style=\"font-family:宋体\">)。</span></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><br/></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">HTTPS<span style=\"font-family:宋体\">(</span><span style=\"font-family:Calibri\">Secure Hypertext Transfer Protocol</span><span style=\"font-family:宋体\">)安全超文本传输协议。它是一个安全通信通道,基于</span><span style=\"font-family:Calibri\">HTTP</span><span style=\"font-family:宋体\">开发,用于在客户计算机和服务器之间交换信息。</span><span style=\"font-family:Calibri\">HTTPS</span><span style=\"font-family:宋体\">使用安全套接字层</span><span style=\"font-family:Calibri\">(SSL)</span><span style=\"font-family:宋体\">进行信息交换,简单来说它是</span><span style=\"font-family:Calibri\">HTTP</span><span style=\"font-family:宋体\">的安全版。 &nbsp;&nbsp;&nbsp;</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;&nbsp;HTTPS<span style=\"font-family:宋体\">和</span><span style=\"font-family:Calibri\">HTTP</span><span style=\"font-family:宋体\">的区别:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;•&nbsp;<span style=\"font-family:Calibri\">https</span><span style=\"font-family:宋体\">协议需要到</span><span style=\"font-family:Calibri\">ca</span><span style=\"font-family:宋体\">申请证书,一般免费证书很少,需要交费。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;•&nbsp;<span style=\"font-family:Calibri\">http</span><span style=\"font-family:宋体\">是超文本传输协议,信息是明文传输,</span><span style=\"font-family:Calibri\">https&nbsp;</span><span style=\"font-family:宋体\">则是具有安全性的</span><span style=\"font-family:Calibri\">ssl</span><span style=\"font-family:宋体\">加密传输协议。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;•&nbsp;<span style=\"font-family:Calibri\">http</span><span style=\"font-family:宋体\">和</span><span style=\"font-family:Calibri\">https</span><span style=\"font-family:宋体\">使用的是完全不同的连接方式用的端口也不一样,前者是</span><span style=\"font-family:Calibri\">80</span><span style=\"font-family:宋体\">,后者是</span><span style=\"font-family:Calibri\">443</span><span style=\"font-family:宋体\">。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;•&nbsp;<span style=\"font-family:Calibri\">http</span><span style=\"font-family:宋体\">的连接很简单,是无状态的。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\">&nbsp;HTTPS<span style=\"font-family:宋体\">协议是由</span><span style=\"font-family:Calibri\">SSL+HTTP</span><span style=\"font-family:宋体\">协议构建的可进行加密传输、身份认证的网络协议,要比</span><span style=\"font-family:Calibri\">http</span><span style=\"font-family:宋体\">协议安全。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">B</span></p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930703669153793"],"itemList":[{"id":"794930703656570881","questionId":"794930701630722049","content":"1023","answer":0,"chooseValue":"A"},{"id":"794930703669153793","questionId":"794930701630722049","content":"443","answer":1,"chooseValue":"B"},{"id":"794930703685931009","questionId":"794930701630722049","content":"80","answer":0,"chooseValue":"C"},{"id":"794930703702708225","questionId":"794930701630722049","content":"8080","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930804726714369","title":"以下用于在网络应用层和传输层之间提供加密方案的协议是 (57) 。","analyze":"PGP是一个完整的电子邮件安全软件包,包括加密、鉴别、电子签名和压缩等技术;IPSec是在IP包级为IP业务提供保护的安全协议标准;DES是一利常用的对称加密算法。","multi":0,"questionType":1,"answer":"B","chooseItem":["794930806635122689"],"itemList":[{"id":"794930806597373953","questionId":"794930804726714369","content":"PGP","answer":0,"chooseValue":"A"},{"id":"794930806635122689","questionId":"794930804726714369","content":"SSL","answer":1,"chooseValue":"B"},{"id":"794930806668677121","questionId":"794930804726714369","content":"IPSec","answer":0,"chooseValue":"C"},{"id":"794930806706425857","questionId":"794930804726714369","content":"DES","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930710388428801","title":"<p><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">以下关于防火墙功能特性的叙述中,不正确的是( &nbsp;</span></span><span style=\"text-indent: 20.7pt; font-family: 宋体; font-size: 10.5pt;\">&nbsp;<span style=\"font-family:宋体\">)</span></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><br/></p>","analyze":"<p><br/></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">防火墙最基本的功能就是控制在计算机网络中,不同信任程度区域间传送的数据流。防火墙对流经它的网络通信进行扫描,这样能够过滤掉一些攻击,以免其在目标计算机上被执行。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">防火墙还可以关闭不使用的端口,隐蔽内部细节。所有的访问都经过防火墙,防火墙就能记录下这些访问并作出日志记录,同时也能提供网络使用情况的统计数据。</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"></span></p><p class=\"MsoNormal\" style=\"text-indent: 20.7pt;\"><span style=\"font-family: 黑体; font-size: 10.5pt; background: #7F7F7F;\"><span style=\"font-family:黑体\">参考答案</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\"><span style=\"font-family:宋体\">:</span></span><span style=\"font-family: 宋体; font-size: 10.5pt;\">D</span></p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930712317808641"],"itemList":[{"id":"794930712271671297","questionId":"794930710388428801","content":"控制进出网络的数据包和数据流向","answer":0,"chooseValue":"A"},{"id":"794930712288448513","questionId":"794930710388428801","content":"提供流量信息的日志和审计","answer":0,"chooseValue":"B"},{"id":"794930712305225729","questionId":"794930710388428801","content":"隐藏内部IP以及网络结构细节","answer":0,"chooseValue":"C"},{"id":"794930712317808641","questionId":"794930710388428801","content":"提供漏洞扫描功能","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930744815276033","title":"在客户机上运行nslookup查询某服务器名称时能解析出IP地址,查询IP地址时却不能解析出服务器名称,解决这一问题的方法是( )。","analyze":"PTR记录是反向记录,通过IP查询域名。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930746694324225"],"itemList":[{"id":"794930746656575489","questionId":"794930744815276033","content":"清除DNS缓存","answer":0,"chooseValue":"A"},{"id":"794930746677547009","questionId":"794930744815276033","content":"刷新DNS缓存","answer":0,"chooseValue":"B"},{"id":"794930746694324225","questionId":"794930744815276033","content":"为该服务器创建PTR记录","answer":1,"chooseValue":"C"},{"id":"794930746706907137","questionId":"794930744815276033","content":"重启DNS服务","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930886599528449","title":"<p>关于FTP和TFTP的描述,正确的是()。</p>","analyze":"<p>FTP(File Transfer Protocol,文件传输协议)是TCP/IP的—种具体应用,它工作在OSI模型的第7层。TCP模型的第4层上,即应用层,使用TCP传输,FTP连接是可靠的,而且是面向连接,为数据的传输提供了可靠的保证。 TFTP(Trivial File Transfer Protocol,简单文件传送协议)的功能与FTP类似,但是为了保持简单和短小,TFTP使用UDP协议。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930888545685505"],"itemList":[{"id":"794930888461799425","questionId":"794930886599528449","content":"FTP和TFTP都是基于TCP协议","answer":0,"chooseValue":"A"},{"id":"794930888503742465","questionId":"794930886599528449","content":"FTP和TFTP都是基于UDP协议","answer":0,"chooseValue":"B"},{"id":"794930888545685505","questionId":"794930886599528449","content":"FTP基于TCP协议、TFTP基于UDP协议","answer":1,"chooseValue":"C"},{"id":"794930888583434241","questionId":"794930886599528449","content":"FTP基于UDP协议、TFTP基于TCP","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930844794900481","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密, 接收方用发送方的公钥验证真伪。生成消息摘要的目的是( 8&nbsp;),对摘要进行加密的目的是( 9&nbsp;)。</p>","analyze":"<p>报文摘要用于对发送的报文生成一个非常小的摘要信息。这个摘要信息保证原报文的完整性,即原报文只要有一位被改变,则摘要信息就会不匹配。</p><p>用私钥对摘要做加密,不仅保证了摘要的私密性,还可以防止抵赖。因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930846682337281"],"itemList":[{"id":"794930846640394241","questionId":"794930844794900481","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930846661365761","questionId":"794930844794900481","content":"防止抵赖","answer":0,"chooseValue":"B"},{"id":"794930846682337281","questionId":"794930844794900481","content":"防止篡改","answer":1,"chooseValue":"C"},{"id":"794930846703308801","questionId":"794930844794900481","content":"防止重放","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930816139415553","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p>某Web网站向CA申请了数字证书。用户登录该网站时,通过验证 (69) ,可确认该数字证书的有效性,从而 (70) 。","analyze":"Web网站向CA申请数字证书。用户登录该网站时,通过验证CA的签名,来确认该数字证书的有效性,从而验证该网站的真伪。","multi":0,"questionType":1,"answer":"A","chooseItem":["794930817997492225"],"itemList":[{"id":"794930817997492225","questionId":"794930816139415553","content":"CA的签名","answer":1,"chooseValue":"A"},{"id":"794930818010075137","questionId":"794930816139415553","content":"网站的签名","answer":0,"chooseValue":"B"},{"id":"794930818026852353","questionId":"794930816139415553","content":"会话密钥","answer":0,"chooseValue":"C"},{"id":"794930818047823873","questionId":"794930816139415553","content":"DES密码","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930923698147329","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>信息系统的安全是一个复杂的综合体,涉及系统的方方面面,其中计算机使用人员的安全意识属于 (28) 。存有数据的媒体的安全是属于 (29) 。</p>","analyze":"<p>信息系统的安全是一个复杂的综合体,涉及系统的方方面面,主要包括实体安全、信息安全、运行安全和人员安全等。</p><p>1)实体安全:计算机及相关设备、设施(含网络)统称为系统的实体。实体安全是指保护计算机设备、设施和其他媒体免遭地震、水灾、火灾、有害气体和其他环境事故(例如,电磁辐射等)破坏的措施和过程。实体安全又可分为环境安全、设备安全和媒体安全3个方面。</p><p>2)运行安全:实质是保证系统的正常运行,不因偶然的或恶意的侵扰而遭到破坏,使系统可靠、连续地运行,服务不受中断。运行安全包括系统风险管理、审计跟踪、备份与恢复、应急等4个方面。</p><p>3)信息安全:确保信息的保密性、完整性、可用性和可控性。信息安全可分为操作系统安全、数据库安全、网络安全、病毒防护、访问控制、数据加密和认证(鉴别)7个方面。</p><p>4)人员安全:包括计算机使用人员的安全意识、法律意识和安全技能等。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930925560418305"],"itemList":[{"id":"794930925543641089","questionId":"794930923698147329","content":"信息安全","answer":0,"chooseValue":"A"},{"id":"794930925560418305","questionId":"794930923698147329","content":"人员安全","answer":1,"chooseValue":"B"},{"id":"794930925577195521","questionId":"794930923698147329","content":"运行安全","answer":0,"chooseValue":"C"},{"id":"794930925593972737","questionId":"794930923698147329","content":"实体安全","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930830316163073","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(68),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是(69)位。","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930832274903041"],"itemList":[{"id":"794930832224571393","questionId":"794930830316163073","content":"比非对称密码算法更安全","answer":0,"chooseValue":"A"},{"id":"794930832245542913","questionId":"794930830316163073","content":"比非对称密码算法密钥长度更长","answer":0,"chooseValue":"B"},{"id":"794930832274903041","questionId":"794930830316163073","content":"比非对称密码算法效率更高","answer":1,"chooseValue":"C"},{"id":"794930832300068865","questionId":"794930830316163073","content":"还能同时用于身份认证","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930946364166145","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p>ARP 报文分为ARP Request和ARP Response,其中ARP Request采用()进行传送,ARP Response采用()进行传送。","analyze":"ARP request报文用来获取目的主机的MAC地址,ARP request报文采用广播的方式在网络上传送,该网络中所有主机包括网关都会接受到此ARP request 报文。接收到报文的目的主机会返回一个ARP Response报文来响应,ARP Response报文是以单播的方式传送的。","multi":0,"questionType":1,"answer":"A","chooseItem":["794930948230631425"],"itemList":[{"id":"794930948230631425","questionId":"794930946364166145","content":"广播","answer":1,"chooseValue":"A"},{"id":"794930948251602945","questionId":"794930946364166145","content":"组播","answer":0,"chooseValue":"B"},{"id":"794930948272574465","questionId":"794930946364166145","content":"多播","answer":0,"chooseValue":"C"},{"id":"794930948293545985","questionId":"794930946364166145","content":"单播","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930878101868545","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>ARP 报文分为ARP Request和ARP Response,其中ARP Request采用()进行传送,ARP Response采用(请作答此空)进行传送。</p>","analyze":"<p>ARP request报文用来获取目的主机的MAC地址,ARP request报文采用广播的方式在网络上传送,该网络中所有主机包括网关都会接受到此ARP request 报文。接收到报文的目的主机会返回一个ARP Response报文来响应,ARP Response报文是以单播的方式传送的。</p>","multi":0,"questionType":1,"answer":"A","chooseItem":["794930879947362305"],"itemList":[{"id":"794930879947362305","questionId":"794930878101868545","content":"广播","answer":1,"chooseValue":"A"},{"id":"794930879964139521","questionId":"794930878101868545","content":"组播","answer":0,"chooseValue":"B"},{"id":"794930879980916737","questionId":"794930878101868545","content":"多播","answer":0,"chooseValue":"C"},{"id":"794930879997693953","questionId":"794930878101868545","content":"单播","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930892312170497","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是()位。</p>","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930894199607297"],"itemList":[{"id":"794930894161858561","questionId":"794930892312170497","content":"比非对称密码算法更安全","answer":0,"chooseValue":"A"},{"id":"794930894182830081","questionId":"794930892312170497","content":"比非对称密码算法密钥长度更长","answer":0,"chooseValue":"B"},{"id":"794930894199607297","questionId":"794930892312170497","content":"比非对称密码算法效率更高  <br/>","answer":1,"chooseValue":"C"},{"id":"794930894216384513","questionId":"794930892312170497","content":"还能同时用于身份认证","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930940731215873","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密, 接收方用发送方的公钥验证真伪。生成消息摘要的目的是(),对摘要进行加密的目的是()。</p>","analyze":"【试题分析】报文摘要用于对发送的报文生成一个非常小的摘要信息。这个摘要信息保证原报文的完整性,即原报文只要有一位被改变,则摘要信息就会不匹配。<p>用私钥对摘要做加密,不仅保证了摘要的私密性,还可以防止抵赖。因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。<br/></p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930942614458369"],"itemList":[{"id":"794930942580903937","questionId":"794930940731215873","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930942593486849","questionId":"794930940731215873","content":"防止抵赖","answer":0,"chooseValue":"B"},{"id":"794930942614458369","questionId":"794930940731215873","content":"防止篡改","answer":1,"chooseValue":"C"},{"id":"794930942631235585","questionId":"794930940731215873","content":"防止重放","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930784455643137","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p><p>在TCP协议中,建立连接需要经过(1)阶段,终止连接需要经过(2请作答此空)阶段。</p>","analyze":"TCP协议是面向连接的可靠的协议,为了防止产生错误的连接,通过3次握手来同步通信双方序号;在数据传输结束后,TCP需释放连接,释放连接使用了4次握手过程。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930786418577409"],"itemList":[{"id":"794930786364051457","questionId":"794930784455643137","content":"直接握手","answer":0,"chooseValue":"A"},{"id":"794930786389217281","questionId":"794930784455643137","content":"2次握手","answer":0,"chooseValue":"B"},{"id":"794930786418577409","questionId":"794930784455643137","content":"3次握手","answer":1,"chooseValue":"C"},{"id":"794930786443743233","questionId":"794930784455643137","content":"4次握手","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930952097779713","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是()位。","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930953993605121"],"itemList":[{"id":"794930953964244993","questionId":"794930952097779713","content":"比非对称密码算法更安全","answer":0,"chooseValue":"A"},{"id":"794930953976827905","questionId":"794930952097779713","content":"比非对称密码算法密钥长度更长","answer":0,"chooseValue":"B"},{"id":"794930953993605121","questionId":"794930952097779713","content":"比非对称密码算法效率更高","answer":1,"chooseValue":"C"},{"id":"794930954006188033","questionId":"794930952097779713","content":"还能同时用于身份认证","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930778805915649","title":"<p><strong>请作答第<span style=\"color: red\">1</span>空。</strong></p>ICMP协议属于因特网中的(1)协议,ICMP协议数据单元封装在(2)中传送。","analyze":"<p>ICMP(Internet Control Message Protocol)与IP协议同属于网络层,用于传送有关通信问题的消息,例如数据报不能到达目标站,路由器没有足够的缓存空间,或者路由器向发送主机提供最短通路信息等。ICMP报文封装在IP数据报中传送,因而不保证可靠的提交。ICMP报文有11种之多,报文格式如下图所示。其中的类型字段表示ICMP报文的类型,代码字段可表示报文的少量参数,当参数较多时写入32位的参数字段,ICMP报文携带的信息包含在可变长的信息字段中,校验和字段是关于整个ICMP报文的校验和。</p><img style=\"max-width:100%;height:auto\"  src=\"https://image.chaiding.com/ruankao/c8d10468e74f6a57707cdd5cc716c68a.jpg?x-oss-process=style/ruankaodaren\" title=\"c8d10468e74f6a57707cdd5cc716c68a.jpg\" alt=\"1.jpg\"/>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930780689158145"],"itemList":[{"id":"794930780672380929","questionId":"794930778805915649","content":"数据链路层","answer":0,"chooseValue":"A"},{"id":"794930780689158145","questionId":"794930778805915649","content":"网络层","answer":1,"chooseValue":"B"},{"id":"794930780710129665","questionId":"794930778805915649","content":"传输层","answer":0,"chooseValue":"C"},{"id":"794930780731101185","questionId":"794930778805915649","content":"会话层","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930926499942401","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>信息系统的安全是一个复杂的综合体,涉及系统的方方面面,其中计算机使用人员的安全意识属于 (28) 。存有数据的媒体的安全是属于 (29) 。</p>","analyze":"<p>信息系统的安全是一个复杂的综合体,涉及系统的方方面面,主要包括实体安全、信息安全、运行安全和人员安全等。</p><p>1)实体安全:计算机及相关设备、设施(含网络)统称为系统的实体。实体安全是指保护计算机设备、设施和其他媒体免遭地震、水灾、火灾、有害气体和其他环境事故(例如,电磁辐射等)破坏的措施和过程。实体安全又可分为环境安全、设备安全和媒体安全3个方面。</p><p>2)运行安全:实质是保证系统的正常运行,不因偶然的或恶意的侵扰而遭到破坏,使系统可靠、连续地运行,服务不受中断。运行安全包括系统风险管理、审计跟踪、备份与恢复、应急等4个方面。</p><p>3)信息安全:确保信息的保密性、完整性、可用性和可控性。信息安全可分为操作系统安全、数据库安全、网络安全、病毒防护、访问控制、数据加密和认证(鉴别)7个方面。</p><p>4)人员安全:包括计算机使用人员的安全意识、法律意识和安全技能等。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930928446099457"],"itemList":[{"id":"794930928366407681","questionId":"794930926499942401","content":"人员安全","answer":0,"chooseValue":"A"},{"id":"794930928395767809","questionId":"794930926499942401","content":"信息安全","answer":0,"chooseValue":"B"},{"id":"794930928420933633","questionId":"794930926499942401","content":"运行安全","answer":0,"chooseValue":"C"},{"id":"794930928446099457","questionId":"794930926499942401","content":"实体安全","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930833218621441","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(68),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是(69)位。","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930835173167105"],"itemList":[{"id":"794930835122835457","questionId":"794930833218621441","content":"56","answer":0,"chooseValue":"A"},{"id":"794930835143806977","questionId":"794930833218621441","content":"64","answer":0,"chooseValue":"B"},{"id":"794930835173167105","questionId":"794930833218621441","content":"128","answer":1,"chooseValue":"C"},{"id":"794930835198332929","questionId":"794930833218621441","content":"256","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930949199515649","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p>ARP 报文分为ARP Request和ARP Response,其中ARP Request采用()进行传送,ARP Response采用()进行传送。","analyze":"ARP request报文用来获取目的主机的MAC地址,ARP request报文采用广播的方式在网络上传送,该网络中所有主机包括网关都会接受到此ARP request 报文。接收到报文的目的主机会返回一个ARP Response报文来响应,ARP Response报文是以单播的方式传送的。","multi":0,"questionType":1,"answer":"D","chooseItem":["794930951145672705"],"itemList":[{"id":"794930951103729665","questionId":"794930949199515649","content":"组播","answer":0,"chooseValue":"A"},{"id":"794930951116312577","questionId":"794930949199515649","content":"广播","answer":0,"chooseValue":"B"},{"id":"794930951133089793","questionId":"794930949199515649","content":"多播","answer":0,"chooseValue":"C"},{"id":"794930951145672705","questionId":"794930949199515649","content":"单播","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930787366490113","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>在TCP协议中,建立连接需要经过(1)阶段,终止连接需要经过(2请作答此空)阶段。</p>","analyze":"TCP协议是面向连接的可靠的协议,为了防止产生错误的连接,通过3次握手来同步通信双方序号;在数据传输结束后,TCP需释放连接,释放连接使用了4次握手过程。","multi":0,"questionType":1,"answer":"C","chooseItem":["794930789346201601"],"itemList":[{"id":"794930789308452865","questionId":"794930787366490113","content":"2次握手","answer":0,"chooseValue":"A"},{"id":"794930789329424385","questionId":"794930787366490113","content":"直接握手","answer":0,"chooseValue":"B"},{"id":"794930789346201601","questionId":"794930787366490113","content":"4次握手","answer":1,"chooseValue":"C"},{"id":"794930789362978817","questionId":"794930787366490113","content":"3次握手","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930943549788161","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密, 接收方用发送方的公钥验证真伪。生成消息摘要的目的是(),对摘要进行加密的目的是()。</p>","analyze":"【试题分析】报文摘要用于对发送的报文生成一个非常小的摘要信息。这个摘要信息保证原报文的完整性,即原报文只要有一位被改变,则摘要信息就会不匹配。<p>用私钥对摘要做加密,不仅保证了摘要的私密性,还可以防止抵赖。因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930945420447745"],"itemList":[{"id":"794930945399476225","questionId":"794930943549788161","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930945420447745","questionId":"794930943549788161","content":"防止抵赖","answer":1,"chooseValue":"B"},{"id":"794930945441419265","questionId":"794930943549788161","content":"防止重放","answer":0,"chooseValue":"C"},{"id":"794930945458196481","questionId":"794930943549788161","content":"防止篡改","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930781632876545","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p>ICMP协议属于因特网中的(1)协议,ICMP协议数据单元封装在(2)中传送。","analyze":"<p>ICMP(Internet Control Message Protocol)与IP协议同属于网络层,用于传送有关通信问题的消息,例如数据报不能到达目标站,路由器没有足够的缓存空间,或者路由器向发送主机提供最短通路信息等。ICMP报文封装在IP数据报中传送,因而不保证可靠的提交。ICMP报文有11种之多,报文格式如下图所示。其中的类型字段表示ICMP报文的类型,代码字段可表示报文的少量参数,当参数较多时写入32位的参数字段,ICMP报文携带的信息包含在可变长的信息字段中,校验和字段是关于整个ICMP报文的校验和。</p><img style=\"max-width:100%;height:auto\"  src=\"https://image.chaiding.com/ruankao/c8d10468e74f6a57707cdd5cc716c68a.jpg?x-oss-process=style/ruankaodaren\" title=\"c8d10468e74f6a57707cdd5cc716c68a.jpg\" alt=\"1.jpg\"/>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930783537090561"],"itemList":[{"id":"794930783478370305","questionId":"794930781632876545","content":"以太帧","answer":0,"chooseValue":"A"},{"id":"794930783495147521","questionId":"794930781632876545","content":"TCP段","answer":0,"chooseValue":"B"},{"id":"794930783520313345","questionId":"794930781632876545","content":"UDP数据报","answer":0,"chooseValue":"C"},{"id":"794930783537090561","questionId":"794930781632876545","content":"IP数据报","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930880903663617","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>ARP 报文分为ARP Request和ARP Response,其中ARP Request采用()进行传送,ARP Response采用(请作答此空)进行传送。</p>","analyze":"<p>ARP request报文用来获取目的主机的MAC地址,ARP request报文采用广播的方式在网络上传送,该网络中所有主机包括网关都会接受到此ARP request 报文。接收到报文的目的主机会返回一个ARP Response报文来响应,ARP Response报文是以单播的方式传送的。</p>","multi":0,"questionType":1,"answer":"D","chooseItem":["794930882807877633"],"itemList":[{"id":"794930882757545985","questionId":"794930880903663617","content":"广播","answer":0,"chooseValue":"A"},{"id":"794930882774323201","questionId":"794930880903663617","content":"组播","answer":0,"chooseValue":"B"},{"id":"794930882791100417","questionId":"794930880903663617","content":"多播","answer":0,"chooseValue":"C"},{"id":"794930882807877633","questionId":"794930880903663617","content":"单播","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930954941517825","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是()位。","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930956866703361"],"itemList":[{"id":"794930956812177409","questionId":"794930954941517825","content":"56","answer":0,"chooseValue":"A"},{"id":"794930956841537537","questionId":"794930954941517825","content":"64","answer":0,"chooseValue":"B"},{"id":"794930956866703361","questionId":"794930954941517825","content":"128","answer":1,"chooseValue":"C"},{"id":"794930956887674881","questionId":"794930954941517825","content":"256","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930847617667073","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>数字签名首先需要生成消息摘要,然后发送方用自己的私钥对报文摘要进行加密, 接收方用发送方的公钥验证真伪。生成消息摘要的目的是( 8&nbsp;),对摘要进行加密的目的是( 9&nbsp;)。</p>","analyze":"<p>报文摘要用于对发送的报文生成一个非常小的摘要信息。这个摘要信息保证原报文的完整性,即原报文只要有一位被改变,则摘要信息就会不匹配。</p><p>用私钥对摘要做加密,不仅保证了摘要的私密性,还可以防止抵赖。因为只有匹配的公钥能够解开。也就是说,如果用某人的公钥能够解开报文,说明就是某人做的。</p>","multi":0,"questionType":1,"answer":"B","chooseItem":["794930849475743745"],"itemList":[{"id":"794930849458966529","questionId":"794930847617667073","content":"防止窃听","answer":0,"chooseValue":"A"},{"id":"794930849475743745","questionId":"794930847617667073","content":"防止抵赖","answer":1,"chooseValue":"B"},{"id":"794930849488326657","questionId":"794930847617667073","content":"防止篡改","answer":0,"chooseValue":"C"},{"id":"794930849509298177","questionId":"794930847617667073","content":"防止重放","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930895134937089","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p><p>为了保障数据的存储和传输安全,需要对一些重要数据进行加密。由于对称密码算法(),所以特别适合对大量的数据进行加密。国际数据加密算法IDEA的密钥长度是()位。</p>","analyze":"<p>对称密码算法都可以用于加密,但是由于对称密码算法加解密效率比非对称算法高很多,因此常用于对大量数据的加密。</p><p>IDEA算法是在DES的基础上发展出来的,类似于3DES。发展IDEA的原因是因为DES算法密钥太短。IDEA的密钥长度为128位。</p>","multi":0,"questionType":1,"answer":"C","chooseItem":["794930897047539713"],"itemList":[{"id":"794930897013985281","questionId":"794930895134937089","content":"56","answer":0,"chooseValue":"A"},{"id":"794930897030762497","questionId":"794930895134937089","content":"64","answer":0,"chooseValue":"B"},{"id":"794930897047539713","questionId":"794930895134937089","content":"128","answer":1,"chooseValue":"C"},{"id":"794930897068511233","questionId":"794930895134937089","content":"256","answer":0,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794930818953793537","title":"<p><strong>请作答第<span style=\"color: red\">2</span>空。</strong></p>某Web网站向CA申请了数字证书。用户登录该网站时,通过验证 (69) ,可确认该数字证书的有效性,从而 (70) 。","analyze":"Web网站向CA申请数字证书。用户登录该网站时,通过验证CA的签名,来确认该数字证书的有效性,从而验证该网站的真伪。","multi":0,"questionType":1,"answer":"D","chooseItem":["794930820853813249"],"itemList":[{"id":"794930820795092993","questionId":"794930818953793537","content":"向网站确认自己的身份","answer":0,"chooseValue":"A"},{"id":"794930820811870209","questionId":"794930818953793537","content":"获取访问网站的权限","answer":0,"chooseValue":"B"},{"id":"794930820832841729","questionId":"794930818953793537","content":"和网站进行双向认证","answer":0,"chooseValue":"C"},{"id":"794930820853813249","questionId":"794930818953793537","content":"验证该网站的真伪","answer":1,"chooseValue":"D"}],"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null},{"id":"794918061781045249","title":"<br><p>【说明】 某公司长期从事计算机产品的研制工作,公司领导为了响应国家军民融合的发展战略,决定 要积极参与我国军用设备领域的研制工作,将本公司的计算机及软件产品通过提升和改造, 应用到军用装备的安全关键系统中。公司为了承担军用产品的研发任务,公司领导将论证工 作交给王工负责。王工经调研分析,提交了一份完整论证报告。</p><p>【问题 1】 (12 分)</p><p>论证报告指出:我们公司长期从事民用市场的计算机研制工作,在研制流程、管理方法以及 环境试验等方面都不能达到军用设备相关技术要求。要承担武器装备生产研制工作,就必须 建立公司的武器装备生产研制质量体系,需要拿到军方或政府部门颁发的资格认证。从技术 上讲,军用设备产品大部分都属于安全关键系统,其计算机及软件的缺陷会导致武器装备失效,因此,公司技术人员应及早掌握相关安全性基本概念和相关设计知识。</p><p>1)企业要承担武器装备产品生产任务,需获得一些资格认证,请列举两种资格认证名称。</p><p>2)请说明安全关键系统的定义,并列举出两个安全关键系统的实例设备。</p><p>3)请简要说明安全性(safety)的具体含义,并给出产品设计时,安全性分析通常采用哪两种方法?</p>","analyze":"<p>无</p>","multi":0,"questionType":3,"answer":"<p>(1)、民企参军从事军工科研生产需先取得&quot;军工四证&quot;。即:</p><p>国军标准质量管理体系认证,简称国军标认证;</p><p>武器装备科研生产单位保密资质认证,简称:保密认证;</p><p>武器装备科研生产许可证认证,简称:许可证认证</p><p>装备承制单位资格名录认证,简称:名录认证。</p><p>(2)、安全关键系统是指系统功能一旦失效将引起生命、财产等重大损失以及环境可能遭受到严重破坏的系统。如相控阵雷达系统、歼10的航空电子系统等</p><p>(3)安全性分析是一种军用系统研制初期开始进行的系统性检查、研究和分析方法,用于检查系统或设备在每种使用模式中的工作状态,确定潜在的危险,预计危险对人员或设备损坏的严重性和可能性,并确定消除或减少的方法,以便在事故发生之前尽量消除或减少发生的概率。</p><p>安全性分析方法有FMEA故障模式影响分析、FTA故障树分析、PFMEA过程失效模式及后果分析、HAZOP危险与可操作性分析、ZSA区域安全性分析、PHA初步危险分析等。</p>","chooseItem":null,"itemList":null,"userAnswer":null,"userChooseItem":null,"answerCorrect":null,"userCollect":null}]}}