新書推薦:
《
粤港澳大湾区文化产业圈论纲
》
售價:HK$
153.6
《
粤港澳大湾区蓝皮书:粤港澳大湾区建设报告(2023)
》
售價:HK$
225.6
《
邂逅晚清——中美的对望与凝视(罕见国内作者所著全面反映晚清中美交往历史的通俗作品)
》
售價:HK$
105.6
《
广东当代金融史:全三册
》
售價:HK$
717.6
《
养育的觉醒:全面激发孩子自驱力,教你如何心平气和做妈妈
》
售價:HK$
58.8
《
1368:历史岔道口的抉择与国运盛衰
》
售價:HK$
69.6
《
全球城市发展报告2023:基于全球城市网络的合作与竞争
》
售價:HK$
273.6
《
为什么只见树木不见森林:从简单现象到复杂系统
》
售價:HK$
94.8
|
內容簡介: |
本书主要针对网络安全专业的从业者、学生、爱好者,概述了网络安全应急响应方面国外的应对举措、以及我国应急响应体系及机构建设、法律法规解读,并对应急响应所涉及的基础理论和关键技术进行了重点研究及阐释,帮助从业人员全面了解国际国内应急响应国家的法律、法规、行业标准及规范、关键技术原理及应用,本书注重理论阐释和实践在操作相结合的原则,通过案例分析和工具使用,一是加强对理论的理解,同时也有助于提高读者的动手操作能力。
|
關於作者: |
刘永刚,男,本科毕业,高级工程师。1984年10月份入伍,1986年9月至1989年7月于中国人名解放军重庆通信学院学习,毕业后被分配61938部队从事网络运行管理。1992年9月至1996年7月在合肥电子工程学院学习。毕业后至今,回原单位先后任工程师、训练室主任、分站副站部长、站长、高级工师等职。2007年被评为总参优秀专业技术人才,并享受部队特殊津贴,现为站专家委员会委员。
|
目錄:
|
第1章 网络安全应急响应业务的发展简史 ············································.11.1 网络安全应急响应业务的由来 ·······························································.11.2 国际网络安全应急响应组织的发展 ·························································.21.2.1 FIRST 介绍 ···············································································.21.2.2 APCERT 介绍 ············································································.21.2.3 国家级 CERT 情况······································································.21.3 我国网络安全应急响应组织体系的发展简介 ·············································.3第2章 网络安全应急响应概述 ···························································.52.1 网络安全应急响应相关概念 ··································································.52.2 网络安全与信息安全 ···········································································.52.3 产生网络安全问题的原因分析 ·······························································.62.3.1 技术方面的原因 ·········································································.62.3.2 管理方面的原因 ·········································································.8第3章 网络安全应急响应法律法规 ·····················································.93.1 我国网络安全应急响应相关法律法规、政策 ·············································.93.2 《网络安全法》的指导意义 ·································································.103.2.1 建立网络安全监测预警和信息通报制度 ·········································.103.2.2 建立网络安全风险评估和应急工作机制 ·········································.113.2.3 制定网络安全事件应急预案并定期演练 ·········································.123.3 《信息安全技术 信息安全应急响应计划规范》(GB/T24363—2009) ··················.133.3.1 应急响应需求分析和应急响应策略的确定 ······································.143.3.2 编制应急响应计划文档 ······························································.143.3.3 应急响应计划的测试、培训、演练 ···············································.143.3.4 应急响应计划的管理和维护 ························································.143.4 信息安全事件分类分级 ·······································································.153.4.1 分类分级规范的重要意义 ···························································.153.4.2 信息安全事件分类原则 ······························································.163.4.3 信息安全事件分级原则 ······························································.16第4章 网络安全应急响应的常用模型 ················································.184.1 网络杀伤链与反杀伤链模型 ·································································.184.2 钻石模型 ··························································································.194.3 自适应安全框架 ················································································.214.4 网络安全滑动标尺模型 ·······································································.22第5章 应急响应处置流程 ·······························································.245.1 准备阶段 ··························································································.245.1.1 准备的目的 ··············································································.245.1.2 准备的实施 ··············································································.255.2 检测阶段 ··························································································.275.2.1 检测的目的 ··············································································.275.2.2 检测的实施 ··············································································.275.3 遏制阶段 ··························································································.285.3.1 遏制的目的 ··············································································.285.3.2 遏制的实施 ··············································································.295.4 根除阶段 ··························································································.305.4.1 根除的目的 ··············································································.305.4.2 根除的实施 ··············································································.305.5 恢复阶段 ··························································································.315.5.1 恢复的目的 ··············································································.315.5.2 恢复的实施 ········
|
|