信息安全课后复习题(5页).doc

《信息安全课后复习题(5页).doc》由会员分享，可在线阅读，更多相关《信息安全课后复习题(5页).doc（5页珍藏版）》请在淘文阁 - 分享文档赚钱的网站上搜索。

1、-信息安全课后复习题-第 5 页Ch11. 威胁代理和威胁之间的差别是什么？Threat: an object, person, or other entity that represents a constant danger to an asset.Threat Agent: an object, person, or other entity that transfers a threat to an attack.2. 漏洞和暴露点之间的差别是什么？A vulnerability is an identified weakness of a controlled system wher

2、e controls are not present or are no longer effective.An exploit is a vulnerability that has been found.3. 黑客的定义近30年来是如何不断演化的？（T3-5）4. 在早期计算机时代，哪种类型的安全占主导地位？（T1-1）5. CIA三特性的三个组件是什么？其用途是什么？（T1-4）6. 如果CIA三特性不完整，为什么它还会经常使用在安全中？（T1-5）7. 描述信息的重要特征。如何在计算机安全的研究中使用它们？（T1-6）8. 给出一个信息系统的5个组件。哪个受计算机安全研究的影响最直接？

3、哪个与该研究的联系最频繁？（T1-7）9. 在计算机安全研究史上，什么系统是几乎所有现代多用户系统的始祖？MULTICS10. 哪篇文章是所有后续计算机安全研究的基础？Rand Report R-60911. 信息安全的自上而下方法为什么优于自下而上方法？（T2-1）12. 在信息安全的实现中，为什么方法学很重要？方法学如何改变实现过程？（T2-2）13. 谁与安全开发生命周期有关？谁领导了该过程？（T2-3）14. 信息安全的实践如何界定为既是一门艺术也是一门科学？作为社会科学的安全如何影响其实践？（T2-4）15. 谁最终负责机构内信息的安全？（T2-5）16. 在MULTICS项目和计算

4、机安全的早期开发之间的关系是什么？（T2-6）17. 计算机安全如何演化为现代信息安全？（T2-7）18. Rand Report R-609的重要性是什么？The movement toward security that went beyond protecting physical locations began with the Rand Report R-609, sponsored by the Department of Defense, which attempted to define multiple controls and mechanisms necessary fo

5、r the protection of a multilevel computer system.19. 发现一次入侵意味着什么？如何区分入侵与弱点？20. 谁领导安全小组？安全方案应该偏重于管理还是技术？（T2-9）Ch21. 为什么信息安全是一个管理问题？哪种工作管理员可以做而技术人员做不到？（T3-1）2. 为什么说数据是一个机构所拥有的最重要的资产？机构中还有什么其他资产需要保护？（T3-2）3. 保护运转（传输）中的数据及不使用（存储）的数据是非常重要的。还有什么其他数据是必须保护的？这三种状态哪一个最难保护？Data in motion, data at rest, and dat

6、a in use.Data in use.4. 如何区分信息安全的威胁与攻击？二者是如何交叠的？A threat is an object, person, or other entity that represents a constant danger to an asset.An attack is a deliberate act that exploits a vulnerability to compromise a controlled system.An attack is accomplished by a threat agent that damages or steal

7、s an organizations information or physical asset.5. 双重控制，比如2人确认，是如何减少人为错误或者失败行为带来的威胁的？还有什么控制能够减少这种威胁？（T3-3）6. 为什么员工是信息安全的最大威胁？（T3-4）7. 机构中的人员可以采取什么措施防止肩窥的发生？专业人员在工作场所解决信息安全问题时，有一个不成文的规定。当某人能够看到其他人向系统输入个人或者私密信息时，此人应该礼貌的转过头去。不这样做不但有失礼节，而且会被认为是一种侵犯隐私的行为，也是对机密信息安全的一种威胁。8. 黑客的理解能力在近些年是如何变化的？简要描述今天的黑客。（T3

8、-5）9. 专业黑客和非专业黑客的区别是什么（除了缺乏技术外）？针对这些不同该如何保护？（T3-6）10. 恶意工具有哪些类型？如何区分蠕虫与病毒？特洛伊木马是携带病毒还是蠕虫？Some of the more common instances of malicious code are viruses and worms, Trojan horses, logic bombs, back doors, and denial-of-service attacks.Computer viruses are segments of code that perform malicious actio

9、ns. This code behaves very much like a virus pathogen that attacks animals and plants by using the cells own replication machinery to propagate. The code attaches itself to the existing program and takes control of that programs access to the targeted computer.Worms are malicious programs that repli

10、cate themselves constantly without requiring another program to provide a safe environment for replication. Worms can continue replicating themselves until they completely fill available resources, such as memory, hard drive space, and network bandwidth.viruses11. 为什么多态性问题比传统的恶意工具引起了更多的关注？它是如何影响探测的？

11、A polymorphic threat changes over time, making it undetectable by techniques that are looking for preconfigured signatures. These threats actually evolve, changing their size and appearance to elude detection by antivirus software programs, making detection more of a challenge.同一个东西有多种表现形式。这使得对恶意代码的

12、检测更加困难。12. 最常见的知识产权侵害是什么？机构是如何防止这种侵害的？什么机构在与它做斗争？（T3-7）13. 自然灾害有哪些类型？哪一种类型是拉斯维加斯、俄克拉荷马城、迈阿密、洛杉矶最关注的？Fire, Flood, Earthquake, and etc.14. 技术淘汰对信息安全是如何构成威胁的？机构该如何应对？（T3-8）15. 缺陷和漏洞的区别是什么？Technical hardware failures or errors occur when a manufacturer distributes to users equipment containing a known o

13、r unknown flaw. These defects can cause the system to perform outside of expected parameters, resulting in unreliable or unavailable service.Some errors are terminal in that they result in the unrecoverable loss of the equipment. Some errors are intermittent in that they only periodically manifest t

14、hemselves, resulting in faults that are not easily repeated.16. 密码攻击有哪些类型？系统管理员应采取哪些措施来防止遭到攻击？（T3-9）17. 拒绝服务攻击与分布式拒绝服务的区别是什么？哪一个危险更大，破坏性更强？为什么？A denial-of-service attack begins when an attacker sends a large number of connection or information requests to a target. So many requests are made that the

15、 target system cannot handle them successfully along with other legitimate requests for service. This may result in the system crashing or simply becoming unable to perform ordinary functions.A distributed denial-of-service attack is one in which a coordinated stream of requests is launched against

16、a target from many locations at the same time.18. 针对成功的嗅探器攻击，攻击者必须做什么？攻击者如何获得网络的访问权来使用嗅探器系统？Sniffers are programs or devices that can monitor data traveling over a network. They can be used both for legitimate network management functions and for stealing information from a network.19. 社会工程黑客采取什么办法来

17、获得用户的注册信息和密码？对于这个类型的攻击，将目标锁定在管理员的助手上与锁定在数据输入人员上有什么不同？（T3-10）20. 什么是缓冲区溢出？在Web服务器上如何利用它？在通信过程中，两个实体的处理速度出现不协调时，就要使用缓冲区。缓冲区溢出是一个应用程序错误，给缓冲区发送的数据超过其处理能力时，缓冲区就会溢出。当缓冲区溢出时，攻击者能够使目标系统执行指令，或者利用该故障造成的其他后果。Ch31. 刑法与民法的区别是什么？（T4-1）2. 什么是民事侵权法？它允许个人做什么？（T4-2）3. 公共法律的主要案例是什么？（T4-3）4. 哪一项法律修订了1986年的计算机欺诈及滥用法？它改变

18、了什么？The Computer Fraud and Abuse Act of 1986 (CFA Act) is the cornerstone of many computer-related federal laws and enforcement efforts.The CFA Act was amended in October 1996 with the National Information Infrastructure Protection Act of 1996, which modified several sections of the CFA and increase

19、d the penalties for selected crimes.5. 正当通信法案的宪法解释是什么？6. 信息安全中的隐私指的是什么？（T4-4）7. Kennedy-Kassebaum法案（1996）的另一个名字是什么？为什么它对非卫生保健行业的机构是非常重要的？The Health Insurance Portability & Accountability Act Of 1996 (HIPAA), also known as the Kennedy-Kassebaum Act.The act requires organizations that retain health-ca

20、re information to use information security mechanisms to protect this information, as well as policies and procedures to maintain this security.It also requires a comprehensive assessment of the organizations information security systems, policies, and procedures.There is no specification of particu

21、lar security technologies for each of the security requirements, only that security must be implemented to ensure the privacy of the health-care information.8. 如果您为一个金融服务机构工作，如银行或者信用合作社，从1999年起哪一项法律影响您使用顾客数据？它还有什么其他方面的影响？The Financial Services Modernization Act, or Gramm-Leach-Bliley Act of 1999, re

22、quires all financial institutions to disclose their privacy policies on the sharing of nonpublic personal information. It also requires due notice to customers so that they can request that their information not be shared with third parties.9. 1999年的哪一项法律提供使用加密的指导？（T4-5）10. 什么是知识产权（IP）？它在世界上的每一个国家都提

23、供相同的保护吗？现在在美国和欧洲，什么法律保护IP？Intellectual property is recognized as a protected asset in the United States.No.Digital Millennium Copyright Act (DMCA)11. 2002年的Sarbanes-Oxley法案如何影响信息安全管理人员？The Sarbanes-Oxley Act of 2002, a critical piece of legislation that affects the executive management of publicly t

24、raded corporations and public accounting firms, seeks to improve the reliability and accuracy of financial reporting, as well as increase the accountability of corporate governance, in publicly traded companies.（财务报表法）Executives working in firms covered by this law will seek assurance on the reliabi

25、lity and quality of information systems from senior information technology managers who, in turn, will likely ask information security managers to verify the confidentiality and integrity of those same information systems.12. 什么是政策？它与法律的区别是什么？（T4-7）13. 不道德与非法行为一般分为哪3类？Three general causes of unethic

26、al and illegal behavior: ignorance, accident, intent.14. 防止不道德和非法行为最好的方法是什么？（T4-8）15. 本章所列的机构中，哪一个机构建立的时间最长？它是什么时候建立的？ACM, 194716. 本章所列的机构中，哪一个机构主要关注审计和控制？（T4-9）17. 本章所列的机构中，哪一个机构发起了全球信息担保认证（GIAC）计划？（T4-10）18. 什么是责任心？为什么机构要确保它在日常工作中有责任心？（T4-11）19. 当阻止犯罪时，应该做什么？（T4-12）20. 责任关注程度如何区别于责任心？为什么二者都很重要？（T4-13）