CISSP总复习
中国墙 Chinese Wall
堆栈溢出执行代码是通过函数的返回地址。
经过验证的应用程序安全原则
From a security perspective, which of the following is a best practice to configure a Domain Name Service (DNS) system? 从安全角度来看,以下哪一项是配置域名服务 (DNS) 系统的最佳实践?
A.禁用名称服务器上的所有递归查询 Disable all recursive queries on the
name servers
B.限制区域转移到授权设备 Limit zone transfers to authorized devices
C.配置辅助服务器以将主服务器用作区域转发器 Configure secondary servers
to use the primary server as a zone forwarder
D.阻止所有传输控制协议 (TCP) 连接 Block all Transmission Control
Protocol (TCP) connections
ESPWhat is the second phase of Public Key Infrastructure (PKI)
key/certificate life-cycle management? 公钥基础设施 (PKI) 密钥/证书生命周期管理的第二阶段是什么?
A. 实施阶段 Implementation Phase
B. 初始化阶段 Initialization Phase
C. 取消阶段 Cancellation Phase
D. 发布阶段 Issued Phase
Which layer of the Open System Interconnection (OSI) model is reliant on other layers and is concerned with the structure, interpretation and handling of information? 开放系统互连 (OSI) 模型的哪一层依赖于其他层,并且与信息的结构、解释和处理有关?
A. 表示层 Presentation Layer
B. 会话层 Session Layer
C. 应用层 Application Layer
D. 传输层 Transport Layer
In a dispersed network that lacks central control, which of the following is the PRIMARY course of action to mitigate exposure? 在缺乏中央控制的分散网络中,以下哪一项是减轻暴露的主要措施?
A. 实施安全策略和标准、数据备份和审计控制 Implement security policies
and standards, data backups, and audit controls
B. 实施管理政策、审计控制和数据备份 Implement management policies,
audit control, and data backups
C. 实施安全策略和标准、访问控制和访问限制 Implement security policies
and standards, access controls, and access limitations
D. 实施远程访问策略、共享工作站和日志管理 Implement remote access
policies, shared workstations, and log management