2016年5月 数据库系统工程师 上午题之二十五
摘要:对于【数据库系统工程师】软考考试而言,真题无疑是最重要的学习资料之一。在软考备考过程中,吃透真题、掌握真题所考知识点、熟悉真题的出题思路,对我们提升分数的效果是最明显的,通过对真题的反复练习,还可以查漏补缺。今天,给大家带来【2016年5月 数据库系统工程师 上午题】部分真题的详解,一起来看看吧~1、In the fields of physical security
1、In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming,entering, or using. Permission to access a resource is called authorization(授权).An access control mechanism( )between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls; routers, files,and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is ( ) to access the system at all.Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to(请作答此空) access. An auditing function monitors and keeps a record of user accesses to system resources.In practice, a number of( )may cooperatively share the access control function. All Operating systems have at least a rudimentary(基本的).and in many cases a quite robust, access control component. Add-on security packages can add to the ( )access control capabilities of the OS. Particular applications .or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services .
A、open
B、monitor
C、grant
D、seek
答案:C
答题解析:
在物理安全和信息安全领域,访问控制是访问一个地方或其他资源的选择性限制。访问的行为可能是消耗、进入或使用。访问资源的权限称为授权。
访问控制机制介于用户(或代表用户的过程的执行)和系统资源之间,资源如应用程序、操作系统、防火墙、路由器、文件和数据库。系统必须首先认证用户的访问企图。典型的,认证功能确定一个用户是否被允许访问该系统。然后,访问控制功能确造此用户的特定访问请求是否允许。安全管理员维护授权数据库,其中指定用户可以访问对那个资源具有什么类型的访问权限。访问控制功能查询数据库以确定是否授权访问。审计功能监控和记录用户对系统资源的访问。
实际上,很多组件可以一起合作提供访问控制功能。所有操作系统至少具有基本的访问控制组件,而且这些组件大多情况下非常健壮。附加安全包可以添加到操作系统的本地安全控制功能。特定的应用和实用工具,如数据管理系统,也并入了访问控制功能。
如防火墙等外部设备也能够提供访问控制服务。
2、In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming,entering, or using. Permission to access a resource is called authorization(授权).An access control mechanism( )between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls; routers, files,and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is ( ) to access the system at all.Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to( ) access. An auditing function monitors and keeps a record of user accesses to system resources.In practice, a number of(请作答此空)may cooperatively share the access control function. All Operating systems have at least a rudimentary(基本的).and in many cases a quite robust, access control component. Add-on security packages can add to the ( )access control capabilities of the OS. Particular applications .or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services .
A、components
B、users
C、mechanisms
D、algorithms
答案:A
答题解析:
在物理安全和信息安全领域,访问控制是访问一个地方或其他资源的选择性限制。访问的行为可能是消耗、进入或使用。访问资源的权限称为授权。
访问控制机制介于用户(或代表用户的过程的执行)和系统资源之间,资源如应用程序、操作系统、防火墙、路由器、文件和数据库。系统必须首先认证用户的访问企图。典型的,认证功能确定一个用户是否被允许访问该系统。然后,访问控制功能确造此用户的特定访问请求是否允许。安全管理员维护授权数据库,其中指定用户可以访问对那个资源具有什么类型的访问权限。访问控制功能查询数据库以确定是否授权访问。审计功能监控和记录用户对系统资源的访问。
实际上,很多组件可以一起合作提供访问控制功能。所有操作系统至少具有基本的访问控制组件,而且这些组件大多情况下非常健壮。附加安全包可以添加到操作系统的本地安全控制功能。特定的应用和实用工具,如数据管理系统,也并入了访问控制功能。
如防火墙等外部设备也能够提供访问控制服务。
3、In the fields of physical security and information security, access control is the selective restriction of access to a place or other resource. The act of accessing may mean consuming,entering, or using. Permission to access a resource is called authorization(授权).An access control mechanism( )between a user (or a process executing on behalf of a user) and system resources, such as applications, operating systems, firewalls; routers, files,and databases. The system must first authenticate(验证)a user seeking access. Typically the authentication function determines whether the user is ( ) to access the system at all.Then the access control function determines if the specific requested access by this user is permitted. A security administrator maintains an authorization database that specifies what type of access to which resources is allowed for this user. The access control function consults this database to determine whether to( ) access. An auditing function monitors and keeps a record of user accesses to system resources.In practice, a number of( )may cooperatively share the access control function. All Operating systems have at least a rudimentary(基本的).and in many cases a quite robust, access control component. Add-on security packages can add to the (请作答此空)access control capabilities of the OS. Particular applications .or utilities, such as a database management system, also incorporate access control functions. External devices, such as firewalls, can also provide access control services .
A、remote
B、native
C、controlled
D、automated
答案:B
答题解析:
在物理安全和信息安全领域,访问控制是访问一个地方或其他资源的选择性限制。访问的行为可能是消耗、进入或使用。访问资源的权限称为授权。
访问控制机制介于用户(或代表用户的过程的执行)和系统资源之间,资源如应用程序、操作系统、防火墙、路由器、文件和数据库。系统必须首先认证用户的访问企图。典型的,认证功能确定一个用户是否被允许访问该系统。然后,访问控制功能确造此用户的特定访问请求是否允许。安全管理员维护授权数据库,其中指定用户可以访问对那个资源具有什么类型的访问权限。访问控制功能查询数据库以确定是否授权访问。审计功能监控和记录用户对系统资源的访问。
实际上,很多组件可以一起合作提供访问控制功能。所有操作系统至少具有基本的访问控制组件,而且这些组件大多情况下非常健壮。附加安全包可以添加到操作系统的本地安全控制功能。特定的应用和实用工具,如数据管理系统,也并入了访问控制功能。
如防火墙等外部设备也能够提供访问控制服务。
查看完整试题>>>
软考资料: 2024年软考论文范文> 软考考试核心重点难点汇总> 查看更多>
备考刷题:章节练习+每日一练> 软考历年试题+模拟题>查看更多>