网络安全应急响应基础理论及关键技术
1星价
¥48.3
(7.0折)
2星价¥48.3
定价¥69.0
暂无评论
图文详情
- ISBN:9787121437311
- 装帧:平塑
- 册数:暂无
- 重量:暂无
- 开本:其他
- 页数:304
- 出版时间:2022-06-01
- 条形码:9787121437311 ; 978-7-121-43731-1
本书特色
本书主要针对网络安全专业的从业者、学生、爱好者,概述了网络安全应急响应方面国外的应对举措、以及我国应急响应体系及机构建设、法律法规解读,并对应急响应所涉及的基础理论和关键技术进行了重点研究及阐释,帮助从业人员全面了解国际国内应急响应国家的法律、法规、行业标准及规范、关键技术原理及应用,本书注重理论阐释和实践在操作相结合的原则,通过案例分析和工具使用,一是加强对理论的理解,同时也有助于提高读者的动手操作能力。
内容简介
本书主要针对网络安全专业的从业者、学生、爱好者,概述了网络安全应急响应方面国外的应对举措、以及我国应急响应体系及机构建设、法律法规解读,并对应急响应所涉及的基础理论和关键技术进行了重点研究及阐释,帮助从业人员全面了解国际国内应急响应国家的法律、法规、行业标准及规范、关键技术原理及应用,本书注重理论阐释和实践在操作相结合的原则,通过案例分析和工具使用,一是加强对理论的理解,同时也有助于提高读者的动手操作能力。
目录
第1章 网络安全应急响应业务的发展简史 ············································.1
1.1 网络安全应急响应业务的由来 ·······························································.1
1.2 国际网络安全应急响应组织的发展 ·························································.2
1.2.1 FIRST 介绍 ···············································································.2
1.2.2 APCERT 介绍 ············································································.2
1.2.3 国家级 CERT 情况······································································.2
1.3 我国网络安全应急响应组织体系的发展简介 ·············································.3
第2章 网络安全应急响应概述 ···························································.5
2.1 网络安全应急响应相关概念 ··································································.5
2.2 网络安全与信息安全 ···········································································.5
2.3 产生网络安全问题的原因分析 ·······························································.6
2.3.1 技术方面的原因 ·········································································.6
2.3.2 管理方面的原因 ·········································································.8
第3章 网络安全应急响应法律法规 ·····················································.9
3.1 我国网络安全应急响应相关法律法规、政策 ·············································.9
3.2 《网络安全法》的指导意义 ·································································.10
3.2.1 建立网络安全监测预警和信息通报制度 ·········································.10
3.2.2 建立网络安全风险评估和应急工作机制 ·········································.11
3.2.3 制定网络安全事件应急预案并定期演练 ·········································.12
3.3 《信息安全技术 信息安全应急响应计划规范》(GB/T24363—2009) ··················.13
3.3.1 应急响应需求分析和应急响应策略的确定 ······································.14
3.3.2 编制应急响应计划文档 ······························································.14
3.3.3 应急响应计划的测试、培训、演练 ···············································.14
3.3.4 应急响应计划的管理和维护 ························································.14
3.4 信息安全事件分类分级 ·······································································.15
3.4.1 分类分级规范的重要意义 ···························································.15
3.4.2 信息安全事件分类原则 ······························································.16
3.4.3 信息安全事件分级原则 ······························································.16
第4章 网络安全应急响应的常用模型 ················································.18
4.1 网络杀伤链与反杀伤链模型 ·································································.18
4.2 钻石模型 ··························································································.19
4.3 自适应安全框架 ················································································.21
4.4 网络安全滑动标尺模型 ·······································································.22
第5章 应急响应处置流程 ·······························································.24
5.1 准备阶段 ··························································································.24
5.1.1 准备的目的 ··············································································.24
5.1.2 准备的实施 ··············································································.25
5.2 检测阶段 ··························································································.27
5.2.1 检测的目的 ··············································································.27
5.2.2 检测的实施 ··············································································.27
5.3 遏制阶段 ··························································································.28
5.3.1 遏制的目的 ··············································································.28
5.3.2 遏制的实施 ··············································································.29
5.4 根除阶段 ··························································································.30
5.4.1 根除的目的 ··············································································.30
5.4.2 根除的实施 ··············································································.30
5.5 恢复阶段 ··························································································.31
5.5.1 恢复的目的 ··············································································.31
5.5.2 恢复的实施 ········
1.1 网络安全应急响应业务的由来 ·······························································.1
1.2 国际网络安全应急响应组织的发展 ·························································.2
1.2.1 FIRST 介绍 ···············································································.2
1.2.2 APCERT 介绍 ············································································.2
1.2.3 国家级 CERT 情况······································································.2
1.3 我国网络安全应急响应组织体系的发展简介 ·············································.3
第2章 网络安全应急响应概述 ···························································.5
2.1 网络安全应急响应相关概念 ··································································.5
2.2 网络安全与信息安全 ···········································································.5
2.3 产生网络安全问题的原因分析 ·······························································.6
2.3.1 技术方面的原因 ·········································································.6
2.3.2 管理方面的原因 ·········································································.8
第3章 网络安全应急响应法律法规 ·····················································.9
3.1 我国网络安全应急响应相关法律法规、政策 ·············································.9
3.2 《网络安全法》的指导意义 ·································································.10
3.2.1 建立网络安全监测预警和信息通报制度 ·········································.10
3.2.2 建立网络安全风险评估和应急工作机制 ·········································.11
3.2.3 制定网络安全事件应急预案并定期演练 ·········································.12
3.3 《信息安全技术 信息安全应急响应计划规范》(GB/T24363—2009) ··················.13
3.3.1 应急响应需求分析和应急响应策略的确定 ······································.14
3.3.2 编制应急响应计划文档 ······························································.14
3.3.3 应急响应计划的测试、培训、演练 ···············································.14
3.3.4 应急响应计划的管理和维护 ························································.14
3.4 信息安全事件分类分级 ·······································································.15
3.4.1 分类分级规范的重要意义 ···························································.15
3.4.2 信息安全事件分类原则 ······························································.16
3.4.3 信息安全事件分级原则 ······························································.16
第4章 网络安全应急响应的常用模型 ················································.18
4.1 网络杀伤链与反杀伤链模型 ·································································.18
4.2 钻石模型 ··························································································.19
4.3 自适应安全框架 ················································································.21
4.4 网络安全滑动标尺模型 ·······································································.22
第5章 应急响应处置流程 ·······························································.24
5.1 准备阶段 ··························································································.24
5.1.1 准备的目的 ··············································································.24
5.1.2 准备的实施 ··············································································.25
5.2 检测阶段 ··························································································.27
5.2.1 检测的目的 ··············································································.27
5.2.2 检测的实施 ··············································································.27
5.3 遏制阶段 ··························································································.28
5.3.1 遏制的目的 ··············································································.28
5.3.2 遏制的实施 ··············································································.29
5.4 根除阶段 ··························································································.30
5.4.1 根除的目的 ··············································································.30
5.4.2 根除的实施 ··············································································.30
5.5 恢复阶段 ··························································································.31
5.5.1 恢复的目的 ··············································································.31
5.5.2 恢复的实施 ········
展开全部
作者简介
刘永刚,男,本科毕业,高级工程师。1984年10月份入伍,1986年9月至1989年7月于中国人名解放军重庆通信学院学习,毕业后被分配61938部队从事网络运行管理。1992年9月至1996年7月在合肥电子工程学院学习。毕业后至今,回原单位先后任工程师、训练室主任、分站副站部长、站长、高级工师等职。2007年被评为总参优秀专业技术人才,并享受部队特殊津贴,现为站专家委员会委员。
本类五星书
本类畅销
-
全图解零基础word excel ppt 应用教程
¥16.3¥48.0 -
C Primer Plus 第6版 中文版
¥62.6¥108.0 -
零信任网络:在不可信网络中构建安全系统
¥34.2¥59.0 -
有限与无限的游戏:一个哲学家眼中的竞技世界
¥37.4¥68.0 -
硅谷之火-人与计算机的未来
¥20.3¥39.8 -
情感计算
¥66.8¥89.0 -
大模型RAG实战 RAG原理、应用与系统构建
¥74.3¥99.0 -
大学计算机基础实验教程(MS Office版)——面向数据分析能力培养
¥29.1¥39.8 -
LINUX企业运维实战(REDIS+ZABBIX+NGINX+PROMETHEUS+GRAFANA+LNMP)
¥51.8¥69.0 -
AI虚拟数字人:商业模式+形象创建+视频直播+案例应用
¥70.0¥89.8 -
LINUX实战——从入门到精通
¥52.4¥69.0 -
剪映AI
¥52.8¥88.0 -
快速部署大模型:LLM策略与实践(基于ChatGPT等大语言模型)
¥56.9¥79.0 -
数据驱动的工业人工智能:建模方法与应用
¥68.3¥99.0 -
数据存储架构与技术(第2版)
¥62.9¥89.8 -
纹样之美:中国传统经典纹样速查手册
¥76.3¥109.0 -
Java面向对象程序设计基础教程
¥35.9¥59.8 -
UG NX 12.0数控编程
¥24.8¥45.0 -
MATLAB计算机视觉与深度学习实战(第2版)
¥90.9¥128.0 -
UN NX 12.0多轴数控编程案例教程
¥24.3¥38.0
