2013年上半年软考《嵌入式系统设计师》上午模拟试卷二

(74)

(75)

(73)

(72)

Pharming　is　a　scamming　practice　in　which　malicious　code　is　installed　on　a　personal　computer　or　server,　misdirecting　users　to(71)Web　sites　without　their　knowledge　or　consent.　　Pharming　has　been　called　"phishing　without　a　lure."

In　phishing,　the　perpetrator　sends　out　legitimate-(72)E-mails,　appearing　to　come　from　some　of　the　Web's　most　popular　sites,　in　ah　effort　to　obtain　personal　and　financial　information　from　individual　recipients.　But　in　pharming,　larger　numbers　of　computer　users　can　be(73)because　it　is　not　necessary　to　target　individuals　one　by　one　and　no　conscious　action　is　required　on　the　part　of　the　victim.　In　one　form.　of　pharming　attack,　code　sent　in　an　E-mail　modifies　local　host　files　on　a　personal　computer.　The　host　files　convert　URLs　into　the　number　strings　that　the　computer　uses　to　access　Web　sites.　A　computer　with　a　compromised　host　file　will　go　to　the　fake　Web　site　even　if　a　user　types　in　the　correct　Internet　address　or　clicks　on　an　affected(74)entry.　Some　spyware　removal　programs　can　correct　the　corruption,　but　it　frequently　recurs　unless　the　user　changes　browsing(75).

(70)

(69)

(67)

(68)

With　hundreds　of　millions　of　electronic(66)taking　place　daily,　businesses　and　organizations　have　a　strong　incentive　to　protect　the(67)of　the　data　exchanged　in　this　manner,　and　to　positively　ensure　the(68)of　those　involved　in　the　transactions.　This　has　led　to　an　industry-wide　quest　for　better,　more　secure　methods　for　controlling　IT　operations,　　and　for　deploying　strong　security　mechanisms　deeply　and　broadly　throughout　networked　　infrastructures　and　client　devices.　One　of　the　more　successful　concepts　to　engage　the　imaginations　of　the　security　community　has　been　the　development　of　standards-based　security(69)that　can　be　incorporated　in　the　hardware　design　of　client　computers.　The　principle　of　encapsulating　core　security　capabilities　in(70)and　integrating　security　provisions　　at　the　deepest　levels　of　the　machine　operation　has　significant　benefits　for　both　users　and　those　responsible　for　securing　IT　operations.