题目：阅读下列说明，回答问题1至问题3，将解答写在答题纸的对应栏内。【说明】安全目标的关键是实现安全的三大要素:机密性、完整性和可用性。对于一般性的信息类型的安全分类有以下表达形式:{(机密性，影响等级)，(完整性，影响等级)，(可用性，影响等级)}在上述表达式中，"影响等级"的值可以取为低(L)、中(M)、高(H)三级以及不适用(NA)。【问题1】。(6分)请简要说明机密性、完整性和可用性的含义。【问题2】(6分）对于影响等级"不适用"通常只针对哪个安全要素?【问题3】(3分)如果一个普通人在它的个人Web服务器上管理其公开信息。请问这种公开信息的安全分类是什么?

题目：试题五 阅读下列说明和图，回答问题1至问题5，将解答写在答题纸的对应栏内。 【说明】 入侵检测系统（IDS）和入侵防护系统（IPS）是两种重要的网络安全防御手段，IDS注重的是网络安全状况的监管，IPS则注重对入侵行为的控制。 【问题1】（2分） 网络安全防护可以分为主动防护和被动防护，请问IDS和IPS分别属于哪种防护？ 【问题2】（4分） 入侵检测是动态安全模型(P2DR)的重要组成部分。请列举P2DR模型的4个主要组成部分。 【问题3】（2分） 假如某入侵检测系统记录了如图5-1所示的网络数据包: 图5-1 请问图中的数据包属于哪种网络攻击？该攻击的具体名字是什么？ 【问题4】（4分） 入侵检测系统常用的两种检测技术是异常检测和误用检测，请问针对图中所描述的网络攻击应该采用哪种检测技术？请简要说明原因。 【问题5】（3分） Snort是一款开源的网络入侵检测系统，它能够执行实时流量分析和IP协议网络的数据包记录。 Snort的配置有3种模式，请给出这3种模式的名字。

题目：试题四 阅读下列说明和C语言代码，回答问题1至问题4，将解答写在答题纸的对应栏内。 【说明】 在客户服务器通信模型中，客户端需要每隔一定时间向服务器发送数据包，以确定服务器是否掉线，服务器也能以此判断客户端是否存活，这种每隔固定时间发一次的数据包也称为心跳包。心跳包的内容没有什么特别的规定，一般都是很小的包。某系统采用的请求和应答两种类型的心跳包格式如图4-1所示。 图4-1协议包格式 心跳包类型占1个字节，主要是请求和响应两种类型; 心跳包数据长度字段占2个字节，表示后续数据或者负载的长度。 接收端收到该心跳包后的处理函数是process_ heartbeat ()，其中参数p指向心跳包的报文数据，s是对应客户端的socket网络通信套接字。 【问题1】（4分） （1）心跳包数据长度字段的最大取值是多少？ （2）心跳包中的数据长度字段给出的长度值是否必须和后续的数据字段的实际长度一致？ 【问题2】（5分） （1）上述接收代码存在什么样的安全漏洞？ （2）该漏洞的危害是什么？ 【问题3】（2分） 模糊测试（Fuzzing）是一种非常重要的信息系统安全测评方法，它是一种基于缺陷注入的自动化测试技术。请问模糊测试属于黑盒测试还是白盒测试？其测试结果是否存在误报？ 【问题4】（4分） 模糊测试技术能否测试出上述代码存在的安全漏洞？为什么？

题目：

题目：试题二 阅读下列说明和图，回答问题1至问题3，将解答填入答题纸的对应栏内。 【说明】 密码学的基本目标是在有攻击者存在的环境下，保证通信双方（A和B）之间能够使用不安全的通信信道实现安全通信。密码技术能够实现信息的保密性、完整性、可用性和不可否认性等安全目标。一种实用的保密通信模型往往涉及对称加密、公钥密码、Hash函数、数字签名等多种密码技术。 在以下描述中，M表示消息，H表示Hash函数，E表示加密算法，D表示解密算法，K表示密钥，SKA表示A的私钥，PKA表示A的公钥，SKB表示B的私钥，PKB表示B的公钥， 表示连接操作。 【问题1】（6分） 用户AB双方采用的保密通信的基本过程如图2-1所示。

题目：试题一 阅读下列说明，回答问题1至问题4，将解答填入答题纸的对应栏内。 【说明】恶意代码是指为达到恶意目地专门设计的程序或者代码。常见的恶意代码类型有特洛伊木马、蠕虫、病毒、后门、Rootkit、僵尸程序、广告软件。2017年5月。勒索软件WanaCry席卷全球，国内大量高校及企事业单位的计算机被攻击，文件及数据被加密后无法使用，系统或服务无法正常运行，损失巨大。 【问题1】（2分） 按照恶意代码分类，此次爆发的恶意软件属于那种类型？ 【问题2】（2分） 此次勒索软件针对软件攻击目标是Windows还是Linux类系统？ 【问题3】（6分） 恶意代码具有的共同特征是什么？ 【问题4】（5分） 由于此次勒索软件需要利用系统的SMB服务漏洞（端口号445）进行传播，我们可以配置防火墙过滤规则来阻止勒索软件的攻击，请填写表1-1中的空（1）-（5），使该过滤规则完整。 注：假设本机IP地址为：1.2.3.4，”*”表示通配符。

题目：Trust is typically interpreted as a subjective belief in the reliability， honesty and  security  of an entity on which we depend （ ）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to  policy . A consequence of this is that a trust component of a system must work correctly in order   for the security of that system to hold, meaning that when a trusted（  ）fails , then the sytems and applications that depend on it can（  ）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed   policy in order to ensure the expected level of securty and quality of services . A paradoxical   conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the  identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （  ）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining  authorisation policies in personalised services.Establishing trust always has a cost, so that having  complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（本题  ）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.

题目：Trust is typically interpreted as a subjective belief in the reliability， honesty and  security  of an entity on which we depend （ ）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to  policy . A consequence of this is that a trust component of a system must work correctly in order   for the security of that system to hold, meaning that when a trusted（  ）fails , then the sytems and applications that depend on it can（  ）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed   policy in order to ensure the expected level of securty and quality of services . A paradoxical   conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the  identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （本题  ）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining  authorisation policies in personalised services.Establishing trust always has a cost, so that having  complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（  ）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.

题目：Trust is typically interpreted as a subjective belief in the reliability， honesty and  security  of an entity on which we depend （ ）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to  policy . A consequence of this is that a trust component of a system must work correctly in order   for the security of that system to hold, meaning that when a trusted（  ）fails , then the sytems and applications that depend on it can（本题  ）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed   policy in order to ensure the expected level of securty and quality of services . A paradoxical   conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the  identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （  ）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining  authorisation policies in personalised services.Establishing trust always has a cost, so that having  complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（  ）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.

题目：Trust is typically interpreted as a subjective belief in the reliability， honesty and  security  of an entity on which we depend （ ）our welfare .In online environments we depend on a wide spectrun of things , ranging from computer hardware,software and data to people and organizations. A security solution always assumes certain entities function according to specific policies.To trust is precisely to make this sort of assumptions , hence , a trusted entity is the same as an entity that is assumed to function according to  policy . A consequence of this is that a trust component of a system must work correctly in order   for the security of that system to hold, meaning that when a trusted（本题  ）fails , then the sytems and applications that depend on it can（  ）be considered secure.An often cited articulation of this principle is:＂ a trusted system or component is one that can break your security policy” ( which happens when the trust system fails ). The same applies to a trusted party such as a service provider ( SP for short )that is , it must operate according to the agreed or assumed   policy in order to ensure the expected level of securty and quality of services . A paradoxical   conclusion to be drawn from this analysis is that security assurance may decrease when increasing the number of trusted components and parties that a service infrastructure depends on . This is because the security of an infrastructure consisting of many.Trusted components typically follows the principle of the weakest link , that is ,in many situations the the overall security can only be as strong as the least reliable or least secure of all the trusted components. We cannot avoid using trusted security components,but the fewer the better. This is important to understand when designing the  identity management architectures,that is, fewer the trusted parties in an identity management model , stronger the security that can be achieved by it.The transfer of the social constructs of identity and trust into digital and computational concepts helps in designing and implementing large scale online markets and communities,and also plays an important role in the converging mobile and Internet environments.Identity management (denoted Idm hereafter ) is about recognizing and verifying the correctness of identitied in online environment .Trust management becomes a component of （  ）whenever different parties rely on each other for identity provision and authentication . IdM and Trust management therefore depend on each other in complex ways because the correctness of the identity itself must be trusted for the quality and reliability of the corresponding entity to be trusted.IdM is also an essential concept when defining  authorisation policies in personalised services.Establishing trust always has a cost, so that having  complex trust requirement typically leads to high overhead in establishing the required trust. To reduce costs there will be incentives for stakeholders to “cut corners”regarding trust requirements ,which could lead to inadequate security . The challenge is to design IdM systems with relatively simple trust requirements.Cryptographic mechanisms are often a core component of IdM solutions,for example,for entity and data authentication.With cryptography,it is often possible to propagate trust from where it initially exists to where it is needed .The establishment of initial（  ）usually takes place in the physical world,and the subsequent propagation of trust happens online,often in an automated manner.