Interpretation and Implementation of the Baseline for Classified Protection of Cybersecurity
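This book is an application guide to the national standard "Information Security Technology: Baseline for Classified Protection of Cybersecurity", issued by the State Administration for Market Regulation and the Standardization Administration of China. To help readers learn and understand the Baseline step by step, the book first introduces the basic concepts of classified protection and the application scenarios the Baseline involves, giving readers an overall understanding of its structure and scope of application. On that basis, the book interprets and explains the clauses of the Baseline in detail, to help readers better understand and master them and apply them in practical work.
This book is suitable for computer professionals and those in related fields.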
The only book on the market that comprehensively interprets China's cybersecurity classified protection standard system and the implementation of classified protection
An in-depth explanation of China's cybersecurity classified protection system by industry experts
A comprehensive interpretation of China's cybersecurity classified protection standard system from the official team
A guide that gives practical direction for implementing China's cybersecurity classified protection
Helps foreign organizations and companies, such as those involved in the Belt and Road Initiative, achieve information security compliance in China and keep their business running smoothly

Foreword
On June 1, 2017, the Cybersecurity Law of the People’s Republic of China was officially implemented. Serving as the basic law in cybersecurity field, it is clearly stipulated that the state should implement the system of classified protection of cybersecurity, and that the critical information infrastructure should be protected on the basis of the system. It is legally established that the system of classified protection of network security is the basic system in the field of network security in China. At present, cybersecurity protection has entered the era of 2.0. In May 2019, the National Standardization Committee officially issued GB/T 22239—2019 the Baseline for Cybersecurity Classified Protection (hereinafter referred to as the Baseline). The Baseline is the core standard to guide operators to carry out cybersecurity classified protection construction rectification, level evaluation and other practices. The correct understanding and application of this standard is the basis for the deep implementation of the national cybersecurity classified protection system. In order to cooperate with the implementation and application of cybersecurity classified protection system in 2.0 Era under the new situation, combined with the cybersecurity practices in recent years, we developed this book for users' reference. This book interprets the standard content of general security requirements in basic requirements in detail. We hope that readers can better understand and master the new standard of cybersecurity classified protection system in 2.0 Era through this book. Please refer to other related books for the interpretation of the standard content of the extended security requirements in the basic requirements.
The chief editor of this book is Guo Qiquan, the associate editors in chief are Liu Jianwei and Wang Xinjie, and other main contributors are Guo Qiquan, Liu Jianwei, Wang Xinjie, Zhu Guobang, Fan Chunling, Pan Wenbo, Wang Lianqiang, and Yang Yuzhong.
The Author
July 10, 2021

Introduction
The Cybersecurity Law of the People’s Republic of China was formally implemented on June 1, 2017, which clearly stipulated that the State shall implement the system of classified protection of cybersecurity, and proposed that the critical information infrastructure shall be specifically protected on the basis of the cybersecurity classified protection system. For further promotion of the implementation of the cybersecurity classified protection system, the Cybersecurity Bureau under the Ministry of Public Security has organized the technical support units of cybersecurity classified protection to upgrade and revise the standard system of the multilevel security protection and issued a series of much-needed national standards related to classified protection of cybersecurity, such as Information Security Technology—Baseline for Classified Protection of Cybersecurity (GB/T 22239—2019). Among them, GB/T 22239—2019 is the core standard to guide users to carry out security development rectification, classified evaluation of classified protection of cybersecurity. The correct understanding and use of this standard is the basis for the smooth deployment of cybersecurity classified protection work under the new situation. The Cybersecurity Bureau under the Ministry of Public Security organized and formed an application guide drafting group consisting of several excellent evaluation agencies and cybersecurity product and solution providers. This set of application guide series is compiled for users' reference from standard terms interpretation, related products and services, and application scenarios. This book interprets in detail the content of the extended security requirements in the GB/T 22239—2019 in the hope that readers can better understand and comprehend the new standard content of cybersecurity classified protection 2.0, and carry out the development and rectification work of cybersecurity classified protection.
For a detailed interpretation of the general security requirements section in the GB/T 22239—2019, please refer to other relevant books. Due to the limited knowledge of the authors, there are inevitably some inadequacies in this book, please feel free to kindly provide your feedback and correction.
Guo Qiquan, Chief Engineer of the Cybersecurity Protection Bureau of the Ministry of Public Security.

Part 1 General Security Requirement

Chapter 1 Basic Concepts of Cybersecurity Classified Protection
1.1 General Security Requirements
1.2 Objects of Classified Protection
1.3 Security Protection Level
1.4 Security Protection Capability
1.5 Security Control Points and Security Requirements

Chapter 2 General Introduction of the Baseline for Classified Protection of Cybersecurity
2.1 Frame Structure
2.2 General Security Requirements and Extended Security Requirements
2.2.1 General Security Requirements
2.2.2 Extended Security Requirements
2.3 Differences and Key Points of Each Level
2.3.1 Security Physical Environment
2.3.2 Security Communication Network
2.3.3 Security Area Boundary
2.3.4 Security Computing Environment
2.3.5 Security Management Center
2.3.6 Security Management System
2.3.7 Security Management Organization
2.3.8 Security Management Personnel
2.3.9 Security Development Management
2.3.10 Security Operation and Maintenance Management

Chapter 3 Interpretation on the Security General Requirement of Level Ⅰ and Level Ⅱ
3.1 Security Physical Environment
3.1.1 Physical Location Selection
3.1.2 Physical Access Control
3.1.3 Theft and Vandalism Protection
3.1.4 Lightning Protection
3.1.5 Fire Prevention
3.1.6 Water and Moisture Proof
3.1.7 Antistatic
3.1.8 Temperature and Moisture Control
3.1.9 Power Supply
3.1.10 Electromagnetic Protection
3.2 Security Communication Network
3.2.1 Network Architecture
3.2.2 Communication Transmission
3.2.3 Trusted Verification
3.3 Security Area Boundary
3.3.1 Border Protection
3.3.2 Access Control
3.3.3 Intrusion Prevention
3.3.4 Malicious Code Prevention
3.3.5 Security Audit
3.3.6 Trusted Verification
3.4 Security Computing Environment
3.4.1 Network Equipment
3.4.2 Security Equipment
3.4.3 Servers and Terminals
3.4.4 Business Application System
3.4.5 Data Security
3.5 Security Management Center
3.5.1 System Management
3.5.2 Audit Management
3.6 Security Management System
3.6.1 Security Policy
3.6.2 Management System
3.6.3 Development and Release
3.6.4 Review and Revision
3.7 Security Management Organization
3.7.1 Post Setting
3.7.2 Staffing
3.7.3 Authorization and Approval
3.7.4 Communication and Cooperation
3.7.5 Audit and Inspection
3.8 Security Management Personnel
3.8.1 Personnel Recruitment
3.8.2 Personnel Departure
3.8.3 Security Awareness Education and Training
3.8.4 External Access Management
3.9 Security Construction Management
3.9.1 Classification and Filing
3.9.2 Security Scheme Design
3.9.3 Procurement and Use of Products
3.9.4 Independent Software Development
3.9.5 Outsourcing Software Development
3.9.6 Project Implementation
3.9.7 Acceptance Testing
3.9.8 System Delivery
3.9.9 Level Evaluation
3.9.10 Service Provider Selection
3.10 Security Operation and Maintenance Management
3.10.1 Environmental Management
3.10.2 Asset Management
3.10.3 Media Management
3.10.4 Equipment Maintenance Management
3.10.5 Vulnerability and Risk Management
3.10.6 Network and System Security Management
3.10.7 Prevention and Management of Malicious Code
3.10.8 Configuration Management
3.10.9 Cryptography Management
3.10.10 Change Management
3.10.11 Backup and Recovery Management
3.10.12 Security Incident Handling
3.10.13 Emergency Plan Management
3.10.14 Outsourcing Operation and Maintenance Management

Chapter 4 Interpretation on the Security General Requirements of Level Ⅲ and Level Ⅳ
4.1 Security Physical Environment
4.1.1 Physical Location Selection
4.1.2 Physical Access Control
4.1.3 Theft and Vandalism Protection
4.1.4 Lightning Protection
4.1.5 Fire Prevention
4.1.6 Waterproof and Moisture Proof
4.1.7 Antistatic
4.1.8 Temperature and Moisture Control
4.1.9 Power Supply
4.1.10 Electromagnetic Protection
4.2 Security Communication Network
4.2.1 Network Architecture
4.2.2 Communication Transmission
4.2.3 Trusted Verification
4.3 Security Area Boundary
4.3.1 Border Protection
4.3.2 Access Control
4.3.3 Intrusion Prevention
4.3.4 Malicious Code and Spam Prevention
4.3.5 Security Audit
4.3.6 Trusted Verification
4.4 Security Computing Environment
4.4.1 Network Equipment
4.4.2 Security Equipment
4.4.3 Servers and Terminals
4.4.4 Business Application System
4.5 Security Management Center
4.5.1 System Management
4.5.2 Audit Management
4.5.3 Security Management
4.5.4 Centralized Control
4.6 Security Management System
4.6.1 Security Policy
4.6.2 Management System
4.6.3 Development and Release
4.6.4 Review and Revision
4.7 Security Management Organization
4.7.1 Post Setting
4.7.2 Staffing
4.7.3 Authorization and Approval
4.7.4 Communication and Cooperation
4.7.5 Audit and Inspection
4.8 Security Management Personnel
4.8.1 Personnel Recruitment
4.8.2 Personnel Departure
4.8.3 Security Awareness Education and Training
4.8.4 External Access Management
4.9 Security Construction Management
4.9.1 Classification and Filing
4.9.2 Security Scheme Design
4.9.3 Procurement and Use of Products
4.9.4 Independent Software Development
4.9.5 Outsourcing Software Development
4.9.6 Project Implementation
4.9.7 Acceptance Testing
4.9.8 System Delivery
4.9.9 Level Evaluation
4.9.10 Service Provider Selection
4.10 Security Operation and Maintenance Management
4.10.1 Environmental Management
4.10.2 Asset Management
4.10.3 Media Management
4.10.4 Equipment Maintenance Management
4.10.5 Vulnerability and Risk Management
4.10.6 Network and System Security Management
4.10.7 Prevention and Management of Malicious Code
4.10.8 Configuration Management
4.10.9 Cryptography Management
4.10.10 Change Management
4.10.11 Backup and Recovery Management
4.10.12 Security Incident Handling
4.10.13 Emergency Plan Management
4.10.14 Outsourcing Operation and Maintenance Management

Part 2 Extended Security Requirement

Chapter 5 Extended Requirements for Cloud Computing Security
5.1 Overview of Cloud Computing Security
5.1.1 Introduction of Cloud Computing
5.1.2 Objects of Cloud Computing Classified Protection
5.1.3 Extended Requirements for Cloud Computing Security
5.1.4 Cloud Computing Security Measures and Services

......

9.1 Overview of Big Data Security
9.1.1 Big Data
9.1.2 Big Data Deployment Model
9.1.3 Big Data Processing Model
9.1.4 Big Data Related Security Capabilities
9.1.5 Big Data Security
9.1.6 Patterns of Big Data Related Classification Objects
9.1.7 Security Requirements at All Levels
9.2 Interpretation of Security Requirements for Level Ⅰ and Level Ⅱ Big Data Systems
9.2.1 Security Physical Environment
9.2.2 Security Communications Network
9.2.3 Security Computing Environment
9.2.4 Security Management Center
9.2.5 Security Development Management
9.2.6 Security Operations Management
9.3 Interpretation of Security Requirements for Level Ⅲ and Level Ⅳ Big Data Systems
9.3.1 Security Physical Environment
9.3.2 Security Communication Network
9.3.3 Security Computing Environment
9.3.4 Security Management Center
9.3.5 Security Development Management
9.3.6 Security Operations and Maintenance Management