Ask questions about information security, questions about information security.

Question 1: c

Anonymity should be turned off to prevent others from spamming.

Question 2: A personal registration information must be filled in at the time of registration, and the email service provider should keep this information confidential.

Question 3: Both AB and C are normal and not illegal.

Question 4: There is no security software on TV B and ** at present.

Question 5: A The other two children can also see it.

Question 6: B7: A

Question 8: A9: C

For hacker attacks, the main purpose is to prevent hackers from invading their own computers, hackers want to invade your computer, you must use an open port on your computer, firewall program is the software to monitor and control the port connection of the computer.

Question 10: A antivirus software should upgrade the virus database or antivirus engine in time, otherwise it will not be able to deal with new viruses. (Antivirus software with heuristic antivirus is more effective against unknown viruses).

Question 11: A If illegal information is discovered, the transmission should be stopped. Disruptions to the network can affect other users who surf the Internet, and tracking investigations is a matter for law enforcement.

Question 12: A Typical case, Internet café.

Question 13: A14: A

Question 15: True/False.

Question 16: True or False Error A computer virus is a program written by a programmer.

There are many reasons for information security problems, but there are generally two types of information security problems: physical and human.

There are many factors that lead to information security problems, such as computer hardware failure, computer viruses, hacker attacks, interception of computer electromagnetic waves, eavesdropping, or wiretapping, etc. It can be broadly divided into two categories: physical and human.

The human factors are: information security problems caused by various mistakes at work; The creation and use of information systems determines that information systems will inevitably have weaknesses and face threats; Lack of information security awareness, resulting in a large number of information security problems; Different groups of people deliberately sabotage and affect each other's information security due to various contradictions and entanglements.

From the analysis of the root cause of the problem of information security, the contradiction is the development of movement, and the problem of information security reflects the development process of information technology. The law of the unity of opposites identifies that the existence of things is embodied in the constant movement, and the development of the movement is a problem of the unity of opposites of contradictions.

From a philosophical point of view, the contradiction in development is always there, otherwise there would be no "development". What people can do is to follow the law of development to develop things in the future, and try their best to do something to support development, that is, the development is smoother! The same goes for information security.

Incomplete or gaps in the development of science and technology lead to information security problems:

1. People's mastery of science and technology is a sustainable process, and this process will not be achieved overnight or end. Scientific problems in the field of information also follow this process, so that in a certain period of time, the imperfection of information technology will inevitably lead to one or more problems in the security of the technology users. Only pursue the implementation of functions, and ignore security.

For example, if the login interface does not use the verification code, there may be a risk of brute-force cracking.

2. The degree of mastery of science and technology in different groups of human beings is different, and the asymmetry of knowledge is an objective fact, and there are many kinds of information systems, involving many different scientific and technological problems. Therefore, for information technology, the group with backward and incomplete knowledge, pre-estimation and response status, and inadequate disposal settings is a major source of various information security problems.

Overview of the information security management system

We know that there are two pillars to information security: technology and management. When we talk about information security on a daily basis, we mostly talk about technology-related fields, such as IDS intrusion detection technology, Firewall technology, Anti-virus technology, encryption technology, CA authentication technology, etc.

This is because information security technology and products can quickly see direct benefits, and at the same time, the development level of technology and products is relatively high. In addition, the cultivation of the market by technology manufacturers has continuously improved people's awareness of information security technologies and products.

With the development trend of threats, the types and quantities of security technology deployments are increasing, but it is not that the more types and quantities of security technologies and security products, the better.

Although everyone is always sighing in the face of information security incidents: "the road is one foot high, the magic is one foot high", reflecting on the shortcomings of their own technology, in essence, people are ignoring the other two levels of protection at this time. As Academician Shen Changxiang pointed out:

Traditional information security measures are mainly to plug loopholes, build high walls, and prevent external attacks, but the final result is that it is impossible to prevent it. ”

Technical requirements and management requirements are two inseparable parts to ensure the security of information systems, which are both independent and interrelated, and in some cases, technology and management can play their respective roles;

In other cases, both technical and management methods are required to achieve security control or stronger security control; In most cases, technical and management requirements support each other to ensure that their respective functions are implemented correctly. We usually use the bucket effect to describe the security of distributed systems, and we think that the safety of the entire system depends on the weakest piece of wood in the bucket.

The platform is like a hoop for this bucket, and with this hoop, it is very difficult for the bucket to collapse. Even a few loopholes do not cause catastrophic damage to the entire system.

There are many reasons for information security problems, but there are generally two types of them.

a.Physical vs. Human.

b.Hackers vs. viruses.

c.System vulnerabilities and hardware failures.

d.Computer Crime & Sabotage.

Correct Answer: a

This view is not entirely correct. Although information security technology can protect and encrypt information, thereby improving the security of information, it cannot perfectly solve all information security problems. Information security is a complex system engineering, which requires the comprehensive use of technology, management and personnel to prevent and manage.

First of all, information security technology itself is not foolproof, and it can also have vulnerabilities and risks of being breached. Secondly, information security issues also include some management and personnel issues, such as employee security awareness, implementation of security norms, and so on. If there are problems with management and personnel, even the most advanced technology cannot be used to fully guarantee the security of information.

Therefore, to solve the problem of information security, it is necessary to comprehensively use technology, management and personnel to prevent and manage. Only when many aspects are effectively guaranteed and managed can the security of information be better guaranteed.

Personally, I don't think this view is entirely correct. Although information security technology plays a very important role in the field of information security, there are also unavoidable limitations. For example, attackers can exploit human weaknesses to bypass technical defenses, such as through social engineering.

In addition, it is possible for technical defenses to be breached or exploited by attackers to exploit known vulnerabilities. At the same time, other factors such as information management strategies and personnel quality may also affect information security. Therefore, in ensuring information security, it is necessary to use a combination of various means, including technical means, personnel training, security management, emergency plans, risk assessment, etc., to comprehensively improve the level of information security.

The statement about information security is wrong

a.It includes two main aspects: technology and management.

b.Policy is the foundation of information security.

c.Absolute safety can be achieved by taking adequate measures.

d.Confidentiality, integrity, and availability are the goals of information security.

Answer C. <>

Information security. 1. Information security means that the hardware, software and data in the information network and its system are protected, and the system is not damaged, changed or leaked due to accidental or malicious reasons, and the system runs continuously, reliably and normally, and the information service is not interrupted. Information security mainly includes the following five aspects, that is, to ensure the confidentiality, authenticity, integrity, unauthorized copying of information and the security of the parasitic system.

2. Information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography technology, information security technology, application of data and dust, number theory, information theory and other disciplines Information security refers to the protection of the hardware, software and information of the system, and the continuous normal operation and service. The essence of information security is to protect information systems and information resources from various threats, interference and destruction, that is, to ensure the security of information.

The main goal is to prevent information from being identified and controlled by unauthorized leakage, alteration, destruction or illegal systems, and to ensure the confidentiality, integrity, availability, controllability and auditability of information (the five characteristics of information security).

**In the "Regulations on the Security Protection of Computer Information Systems", it is pointed out that the security protection of computer information systems shall ensure the security of computers and their related supporting equipment and facilities (including networks), the security of the operating environment, the security of information, and the normal performance of computer functions, so as to maintain the safe operation of computer information systems.

The International Organization for Standardization (ISO) defines information security as the technical and managerial protection established and adopted for data processing systems to protect computer hardware, software, and data from destruction, alteration, and leakage due to accidental and malicious reasons.