CISSP Certification Daily Knowledge Points and Commonly Missed Questions (December 16)

I. Daily knowledge points (the following points are taken from the CISSP Official Study Guide flash cards)

Knowledge point 1:

Q: What is the threat posed by ransomware?

A: Ransomware uses traditional malware techniques to infect a system and then encrypts data on that system using a key known only to the attacker. The attacker then demands payment of a ransom from the victim in exchange for providing the decryption key.

Knowledge point 2:

Q: What forms of backup always set the archive bit to 0?

A: Full and incremental backups.

Knowledge point 3:

Q: Name five generic terms that refer to mobile phones, tablets, and other similar devices.

A: A device owned by an individual can be referred to by any of these terms: portable device, mobile device, personal mobile device (PMD), personal electronic device or portable electronic device (PED), and personally owned device (POD).


II. Commonly missed CISSP questions (taken from the CISSP Official Practice Tests and the official CISSP comprehensive test questions) [answer explanations follow the questions]
Question 1:
Melissa is in charge of her organization's security compliance efforts and has been told that the organization does not install Windows patches until a month has passed since the patch has been released, unless there is a zero-day exploit that is being actively exploited. Why would the company delay patching like this?
A. To minimize the business impact of the installation
B. To allow any flaws with the patch to be identified
C. To prevent malware in the patches from being installed before it is identified
D. To allow the patch to be distributed to all systems

Question 2:
Fred's company wants to ensure the integrity of email messages sent via its central email servers. If the confidentiality of the messages is not critical, what solution should Fred suggest?
A. Digitally sign and encrypt all messages to ensure integrity.
B. Digitally sign but don't encrypt all messages.
C. Use TLS to protect messages, ensuring their integrity.
D. Use a hashing algorithm to provide a hash in each message to prove that it hasn't changed.

Question 3:
What does a service ticket (ST) provide in Kerberos authentication?
A. It serves as the authentication host.
B. It provides proof that the subject is authorized to access an object.
C. It provides proof that a subject has authenticated through a KDC and can request tickets to access other objects.
D. It provides ticket-granting services.
---------------
Question 1:
Answer: B
Explanation: Many organizations delay patches for a period of time to ensure that any previously unidentified flaws are found before the patches are installed throughout the organization. Melissa needs to balance business impact against security in her role and may choose to support this practice or to push for more aggressive installation, depending on the organization's risk tolerance and security needs.

Question 2:
Answer: B
Explanation: Fred's company needs to protect integrity, which can be accomplished by digitally signing messages. Any change will cause the signature to become invalid. Encrypting isn't necessary because the company does not want to protect confidentiality. TLS can protect messages in transit but does not protect the integrity of the messages themselves, and of course a hash used without a way to verify that the hash wasn't changed won't ensure integrity either.
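As an added illustration of the explanation above (not part of the original post): an unkeyed hash attached to a message (option D) can simply be recomputed by whoever alters the message, whereas a tag that only the legitimate sender can produce (option B) cannot. Because the Python standard library has no digital-signature primitive, the example substitutes HMAC-SHA256 as a keyed stand-in for the signature; the messages and key are constructed for the demonstration.

```python
import hashlib
import hmac
import secrets


def attach_hash(message: bytes) -> bytes:
    """Option D: append an unkeyed SHA-256 digest to the message."""
    return message + b"|" + hashlib.sha256(message).hexdigest().encode()


def check_hash(packet: bytes) -> bool:
    """Recompute the unkeyed digest; anyone can do this, including a tamperer."""
    body, _, digest = packet.rpartition(b"|")
    return hmac.compare_digest(hashlib.sha256(body).hexdigest().encode(), digest)


def sign(message: bytes, key: bytes) -> bytes:
    """Option B stand-in: HMAC-SHA256 tag that only the key holder can produce."""
    return message + b"|" + hmac.new(key, message, hashlib.sha256).hexdigest().encode()


def verify(packet: bytes, key: bytes) -> bool:
    """Verification needs the key, so a tamperer cannot produce a matching tag."""
    body, _, tag = packet.rpartition(b"|")
    expected = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return hmac.compare_digest(expected, tag)


def tamper(packet: bytes, new_body: bytes, rehash: bool) -> bytes:
    """Replace the body. An attacker who knows the scheme can recompute an
    unkeyed hash (rehash=True) but can only reuse the old tag otherwise."""
    if rehash:
        return attach_hash(new_body)
    _, _, tag = packet.rpartition(b"|")
    return new_body + b"|" + tag


def demo() -> dict:
    key = secrets.token_bytes(32)          # constructed signing key
    original = b"Pay vendor 1000 USD"      # constructed message
    altered = b"Pay vendor 9000 USD"
    hashed = attach_hash(original)
    signed = sign(original, key)
    return {
        # bare hash: tampered message with recomputed digest still passes
        "hash_tampered_accepted": check_hash(tamper(hashed, altered, rehash=True)),
        # keyed tag: tampered message is rejected because the tag no longer matches
        "signed_tampered_rejected": not verify(tamper(signed, altered, rehash=False), key),
        "signed_original_accepted": verify(signed, key),
    }
```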

Question 3:
Answer: B
Explanation: The service ticket in Kerberos authentication provides proof that a subject is authorized to access an object. Ticket-granting services are provided by the TGS. Proof that a subject has authenticated and can request tickets to other objects comes from the ticket-granting ticket (TGT), and "authentication host" is a made-up term.
