《網路安全應急回響基礎理論及關鍵技術》是電子工業出版社於2022年出版的書籍,作者是劉永剛
基本介紹
- 中文名:網路安全應急回響基礎理論及關鍵技術
- 作者:劉永剛
- 出版社:電子工業出版社
- 出版時間:2022年6月
- 頁數:304 頁
- 開本:16 開
- ISBN:9787121437311
內容簡介,圖書目錄,
內容簡介
本書主要針對網路安全專業的從業者、學生、愛好者,概述了網路安全應急回響方面國外的應對舉措、以及我國應急回響體系及機構建設、法律法規解讀,並對應急回響所涉及的基礎理論和關鍵技術進行了重點研究及闡釋,幫助從業人員全面了解國際國內應急回響國家的法律、法規、行業標準及規範、關鍵技術原理及套用,本書注重理論闡釋和實踐在操作相結合的原則,通過案例分析和工具使用,一是加強對理論的理解,同時也有助於提高讀者的動手操作能力。
圖書目錄
第1章 網路安全應急回響業務的發展簡史 ············································.1
1.1 網路安全應急回響業務的由來 ·······························································.1
1.2 國際網路安全應急回響組織的發展 ·························································.2
1.2.1 FIRST 介紹 ···············································································.2
1.2.2 APCERT 介紹 ············································································.2
1.2.3 國家級 CERT 情況······································································.2
1.3 我國網路安全應急回響組織體系的發展簡介 ·············································.3
第2章 網路安全應急回響概述 ···························································.5
2.1 網路安全應急回響相關概念 ··································································.5
2.2 網路安全與信息安全 ···········································································.5
2.3 產生網路安全問題的原因分析 ·······························································.6
2.3.1 技術方面的原因 ·········································································.6
2.3.2 管理方面的原因 ·········································································.8
第3章 網路安全應急回響法律法規 ·····················································.9
3.1 我國網路安全應急回響相關法律法規、政策 ·············································.9
3.2 《網路安全法》的指導意義 ·································································.10
3.2.1 建立網路安全監測預警和信息通報制度 ·········································.10
3.2.2 建立網路安全風險評估和應急工作機制 ·········································.11
3.2.3 制定網路安全事件應急預案並定期演練 ·········································.12
3.3 《信息安全技術 信息安全應急回響計畫規範》(GB/T24363—2009) ··················.13
3.3.1 應急回響需求分析和應急回響策略的確定 ······································.14
3.3.2 編制應急回響計畫文檔 ······························································.14
3.3.3 應急回響計畫的測試、培訓、演練 ···············································.14
3.3.4 應急回響計畫的管理和維護 ························································.14
3.4 信息安全事件分類分級 ·······································································.15
3.4.1 分類分級規範的重要意義 ···························································.15
3.4.2 信息安全事件分類原則 ······························································.16
3.4.3 信息安全事件分級原則 ······························································.16
第4章 網路安全應急回響的常用模型 ················································.18
4.1 網路殺傷鏈與反殺傷鏈模型 ·································································.18
4.2 鑽石模型 ··························································································.19
4.3 自適應安全框架 ················································································.21
4.4 網路安全滑動標尺模型 ·······································································.22
