《信息系统安全》课程期末考试试卷
考试试卷:√ A卷、B卷
考试形式:闭、√ 开卷,允许带___任何纸张__入场
考试日期: 年 月 日,考试时间:120分钟
诚信考试,沉着应考,杜绝违纪。
考生姓名:
学号:
所属院系:
_
总 分
评卷人
Instructions: each question has exactly one correct answer. Plea fill in your answers in
the table below. GRADING IS BASED ON THE TABLE, not what you write on the
questions.
1
2
3
C
4
5
B
6
7
8
9
10
C
C
A
A
B
D
B
B
11
A
12
A
13
B
14
A
15
C
16
D
17
A
18
D
19
C
20
D
21
B
22
C
23
B
24
B
25
D
26
B
27
B
28
B
29
B
30
C
31
B
32
A
33
A
34
B
35
B
36
D
37
C
38
A
39
A
40
A
41
C
42
D
43
B
44
C
45
C
46
A
47
D
48
A
49
C
50
A
大学生英语自我介绍
1. Buffer overflow rfhattack works by exploiting which attackfirebird surface?
A. Network attack surface
B. Human attack surface
C. Software attack surface
D. All of the above
ANS: ________________
C
2. DoS attack by flooding ping command works by exploiting which attack surface?
A. Network attack surface
B. Human attack surface
C. Software attack surface
D. befamousforAll of the above
ANS: ________________
A
3. Which of the following is NOT a symmetric encryption algorithm?
A. DES
B. Triple DES
C. SHA-1
D. AES
ANS: ________________
C
4. Which of the following is NOT a public-key cryptography algorithm?
A. MD5
B. RSA
C. Diffe-Hellman
D. Elliptic Curve Cryptography
ANS: ________________
A
5. In the following figure for biometric authentication, what is the effect of moving the
decision threshold more to the left side?
A. There will be more fal positives, i.e.,白马王子的英文 genuine urs will be more likely to be identified
as imposters.
B. There will be more fal negatives, i.e., imposters will be more likely to be identified as
genuine urs.
C. It has no effect on the fal positive or fal negative rates.
D. None of the above
ANS: ________________
B
6. Which of the following is NOTwhy not的用法 one of the purpos of salt in the UNIX password file?
A. increa difficulty of offline dictionary attacks
B. improve performance of the authentication process at runtime
C. prevents duplicate passwords from being visible in the password file
D. makes it difficult to find out whether a person with passwords on two or more systems
has ud the same password on all of them
ANS: ________________
B
7. Consider the graph of英语面试对话3分钟稿子 cascaded granting of access rights below, where Ann grants the
access right to Bob at time t = 10 and to Chris at time t = 20, and so on. If sometime later,
Chris revokes access rights from David, what will happen to the access rights granted by
David to Ellen, and access rights granted by David to Frank?
A. Access rights granted by David to Ellen should be revoked, and access rights granted by
David to Frank should stay valid
B. Access rights granted by David to Ellen should stay valid, and access rights granted by
David to Frank should be revoked
C. Both should be revoked
D. Both should stay valid
ANS: ________________
D
8. Scanning traffic is characteristic of which type of malware?
A. Trojans
B. Worms
C. Virus
D. Spam
E. Clickjacking
ANS: ________________
B
9. Displaying a fake QQ or Alipay login screen to collect ur login credentials and nd
them to the attacker is a form of
A. DoS attack
B. Phishing attack
C. Worm
D. Polymorphic virus
E. Metamorphic virus
ANS: ________________
B
10. What is a DNS amplification attack?
A. Launch a flooding attack against a DNS rver, to render it unavailable to provide DNS
rvice to DNS clients.
B. Change the DNS rver configuration and redirect traffic from correct to the wrong sites
in order to perform phishing attacks
C. U a DNS rver as the reflector intermediary to launch a flooding attack on some ot
her
target machines.
D. None of the above
ANS: ________________
C
11. Consider the three-way handshake protocol for TCP connection tup shown below. What
is the target of the TCP SYN spoofing气馁 attack?
A. Server
B. Client
C. Host at the spoofed source address
D. Random host on the internet
ANS: ________________
A
12. What is the target of the TCP SYN flood attack?
A. Server
B. Client
C. Host at the spoofed source address
D. Random host on the internet
ANS: ________________
A
13. 小学法制教育讲话稿True or fal: in TCP SYN spoofing attack, the attacker’s network must have higher
bandwidth than the victim’s network in order to carry out the attack successfully.
dominate什么意思A. True
B. Fal
ANS: ________________
B
14. True or fal: in TCP SYN flood attack, the attacker’s network must have higher
