久久先锋,aa视频在线播放,婷婷在线观看视频

網(wǎng)絡(luò)安全應(yīng)急響應(yīng)基礎(chǔ)理論及關(guān)鍵技術(shù)

定價(jià)：¥69

中教價(jià)：¥37.95 (5.50折）促銷

庫存數(shù)： 0

購買數(shù)量：

本書主要針對網(wǎng)絡(luò)安全專業(yè)的從業(yè)者、學(xué)生、愛好者，概述了網(wǎng)絡(luò)安全應(yīng)急響應(yīng)方面國外的應(yīng)對舉措、以及我國應(yīng)急響應(yīng)體系及機(jī)構(gòu)建設(shè)、法律法規(guī)解讀，并對應(yīng)急響應(yīng)所涉及的基礎(chǔ)理論和關(guān)鍵技術(shù)進(jìn)行了重點(diǎn)研究及闡釋，幫助從業(yè)人員全面了解國際國內(nèi)應(yīng)急響應(yīng)國家的法律、法規(guī)、行業(yè)標(biāo)準(zhǔn)及規(guī)范、關(guān)鍵技術(shù)原理及應(yīng)用，本書注重理論闡釋和實(shí)踐在操作相結(jié)合的原則，通過案例分析和工具使用，一是加強(qiáng)對理論的理解，同時(shí)也有助于提高讀者的動手操作能力。

劉永剛，男，本科畢業(yè)，高級工程師。1984年10月份入伍，1986年9月至1989年7月于中國人名解放軍重慶通信學(xué)院學(xué)習(xí)，畢業(yè)后被分配61938部隊(duì)從事網(wǎng)絡(luò)運(yùn)行管理。1992年9月至1996年7月在合肥電子工程學(xué)院學(xué)習(xí)。畢業(yè)后至今，回原單位先后任工程師、訓(xùn)練室主任、分站副站部長、站長、高級工師等職。2007年被評為總參優(yōu)秀專業(yè)技術(shù)人才,并享受部隊(duì)特殊津貼，現(xiàn)為站專家委員會委員。

第1章網(wǎng)絡(luò)安全應(yīng)急響應(yīng)業(yè)務(wù)的發(fā)展簡史 ············································.1
1.1 網(wǎng)絡(luò)安全應(yīng)急響應(yīng)業(yè)務(wù)的由來 ·······························································.1
1.2 國際網(wǎng)絡(luò)安全應(yīng)急響應(yīng)組織的發(fā)展 ·························································.2
1.2.1 FIRST 介紹 ···············································································.2
1.2.2 APCERT 介紹 ············································································.2
1.2.3 國家級 CERT 情況······································································.2
1.3 我國網(wǎng)絡(luò)安全應(yīng)急響應(yīng)組織體系的發(fā)展簡介 ·············································.3
第2章網(wǎng)絡(luò)安全應(yīng)急響應(yīng)概述 ···························································.5
2.1 網(wǎng)絡(luò)安全應(yīng)急響應(yīng)相關(guān)概念 ··································································.5
2.2 網(wǎng)絡(luò)安全與信息安全 ···········································································.5
2.3 產(chǎn)生網(wǎng)絡(luò)安全問題的原因分析 ·······························································.6
2.3.1 技術(shù)方面的原因 ·········································································.6
2.3.2 管理方面的原因 ·········································································.8
第3章網(wǎng)絡(luò)安全應(yīng)急響應(yīng)法律法規(guī) ·····················································.9
3.1 我國網(wǎng)絡(luò)安全應(yīng)急響應(yīng)相關(guān)法律法規(guī)、政策 ·············································.9
3.2 《網(wǎng)絡(luò)安全法》的指導(dǎo)意義 ·································································.10
3.2.1 建立網(wǎng)絡(luò)安全監(jiān)測預(yù)警和信息通報(bào)制度 ·········································.10
3.2.2 建立網(wǎng)絡(luò)安全風(fēng)險(xiǎn)評估和應(yīng)急工作機(jī)制 ·········································.11
3.2.3 制定網(wǎng)絡(luò)安全事件應(yīng)急預(yù)案并定期演練 ·········································.12
3.3 《信息安全技術(shù) 信息安全應(yīng)急響應(yīng)計(jì)劃規(guī)范》（GB/T24363—2009） ··················.13
3.3.1 應(yīng)急響應(yīng)需求分析和應(yīng)急響應(yīng)策略的確定 ······································.14
3.3.2 編制應(yīng)急響應(yīng)計(jì)劃文檔 ······························································.14
3.3.3 應(yīng)急響應(yīng)計(jì)劃的測試、培訓(xùn)、演練 ···············································.14
3.3.4 應(yīng)急響應(yīng)計(jì)劃的管理和維護(hù) ························································.14
3.4 信息安全事件分類分級 ·······································································.15
3.4.1 分類分級規(guī)范的重要意義 ···························································.15
3.4.2 信息安全事件分類原則 ······························································.16
3.4.3 信息安全事件分級原則 ······························································.16
第4章網(wǎng)絡(luò)安全應(yīng)急響應(yīng)的常用模型 ················································.18
4.1 網(wǎng)絡(luò)殺傷鏈與反殺傷鏈模型 ·································································.18
4.2 鉆石模型 ··························································································.19
4.3 自適應(yīng)安全框架 ················································································.21
4.4 網(wǎng)絡(luò)安全滑動標(biāo)尺模型 ·······································································.22
第5章應(yīng)急響應(yīng)處置流程 ·······························································.24
5.1 準(zhǔn)備階段 ··························································································.24
5.1.1 準(zhǔn)備的目的 ··············································································.24
5.1.2 準(zhǔn)備的實(shí)施 ··············································································.25
5.2 檢測階段 ··························································································.27
5.2.1 檢測的目的 ··············································································.27
5.2.2 檢測的實(shí)施 ··············································································.27
5.3 遏制階段 ··························································································.28
5.3.1 遏制的目的 ··············································································.28
5.3.2 遏制的實(shí)施 ··············································································.29
5.4 根除階段 ··························································································.30
5.4.1 根除的目的 ··············································································.30
5.4.2 根除的實(shí)施 ··············································································.30
5.5 恢復(fù)階段 ··························································································.31
5.5.1 恢復(fù)的目的 ··············································································.31
5.5.2 恢復(fù)的實(shí)施 ··············································································.31
5.6 總結(jié)階段 ··························································································.32
5.6.1 總結(jié)的目的 ··············································································.32
5.6.2 總結(jié)的實(shí)施 ··············································································.33
第6章網(wǎng)絡(luò)安全應(yīng)急響應(yīng)的實(shí)施體系 ················································.34
6.1 應(yīng)急響應(yīng)實(shí)施體系的研究背景與重要性 ··················································.34
6.1.1 應(yīng)急響應(yīng)實(shí)施體系的研究背景 ·····················································.34
6.1.2 應(yīng)急響應(yīng)實(shí)施體系的重要性 ························································.34
6.2 應(yīng)急響應(yīng)人員體系 ·············································································.35
6.2.1 應(yīng)急響應(yīng)小組的主要工作及目標(biāo) ··················································.35
6.2.2 人員組成 ·················································································.35
6.2.3 職能劃分 ·················································································.36
6.3 應(yīng)急響應(yīng)技術(shù)體系 ·············································································.36
6.3.1 事前技術(shù) ·················································································.37
6.3.2 事中技術(shù) ·················································································.39
6.3.3 事后技術(shù) ·················································································.40
6.4 應(yīng)急響應(yīng)實(shí)施原則 ·············································································.40
6.4.1 可行性原則 ··············································································.41
6.4.2 信息共享原則 ···········································································.41
6.4.3 動態(tài)性原則 ··············································································.42
6.4.4 可審核性原則 ···········································································.42
6.5 應(yīng)急響應(yīng)實(shí)施制度 ·············································································.42
6.5.1 實(shí)施制度總則 ···········································································.42
6.5.2 日常風(fēng)險(xiǎn)防范制度 ····································································.43
6.5.3 定期演訓(xùn)制度 ···········································································.43
6.5.4 定期會議交流制度 ····································································.43
第7章重大活動網(wǎng)絡(luò)安全保障 ·························································.45
7.1 重大活動網(wǎng)絡(luò)安全保障的研究背景與其獨(dú)特性 ·········································.45
7.1.1 研究背景 ·················································································.45
7.1.2 重保的獨(dú)特性 ···········································································.45
7.2 重保體系建設(shè)的基礎(chǔ) ··········································································.46
7.2.1 明確重保對象 ···········································································.46
7.2.2 確立重保目標(biāo) ···········································································.47
7.2.3 梳理重保資產(chǎn)清單 ····································································.47
7.3 重保體系設(shè)計(jì) ···················································································.49
7.3.1 管理體系 ·················································································.49
7.3.2 組織體系 ·················································································.50
7.3.3 技術(shù)體系 ·················································································.50
7.3.4 運(yùn)維體系 ·················································································.50
7.4 重保核心工作 ···················································································.51
7.4.1 風(fēng)險(xiǎn)識別 ·················································································.51
7.4.2 風(fēng)險(xiǎn)評估 ·················································································.52
7.4.3 風(fēng)險(xiǎn)應(yīng)對計(jì)劃 ···········································································.52
7.4.4 風(fēng)險(xiǎn)的監(jiān)控與調(diào)整 ····································································.53
7.5 重保實(shí)現(xiàn)過程 ···················································································.53
7.5.1 備戰(zhàn)階段 ·················································································.53
7.5.2 臨戰(zhàn)階段 ·················································································.53
7.5.3 實(shí)戰(zhàn)階段 ·················································································.54
7.5.4 決戰(zhàn)階段 ·················································································.54
第8章數(shù)據(jù)驅(qū)動的應(yīng)急響應(yīng)處理機(jī)制 ················································.55
8.1 概念分析 ··························································································.55
8.1.1 數(shù)據(jù)驅(qū)動的產(chǎn)業(yè)革命 ·································································.55
8.1.2 數(shù)據(jù)驅(qū)動的應(yīng)急響應(yīng)處理機(jī)制 ·····················································.56
8.2 需求分析 ··························································································.57
8.2.1 大數(shù)據(jù)場景中的應(yīng)急響應(yīng)處理的特殊要求 ······································.57
8.2.2 無人化戰(zhàn)場中的應(yīng)急響應(yīng)處理機(jī)制的必要選擇 ································.60
8.2.3 精細(xì)化管理中的應(yīng)急響應(yīng)處理機(jī)制的有效方法 ································.62
8.3 解決方案 ··························································································.63
8.3.1 數(shù)據(jù)驅(qū)動的事故預(yù)防機(jī)制 ···························································.63
8.3.2 數(shù)據(jù)驅(qū)動的事故處置機(jī)制 ···························································.65
8.3.3 數(shù)據(jù)驅(qū)動的事故尋因機(jī)制 ···························································.66
第9章操作系統(tǒng)加固優(yōu)化技術(shù) ·························································.68
9.1 簡介 ································································································.68
9.2 操作系統(tǒng)加固技術(shù)原理 ·······································································.68
9.2.1 身份鑒別 ·················································································.69
9.2.2 訪問控制 ·················································································.69
9.2.3 安全審計(jì) ·················································································.70
9.2.4 安全管理 ·················································································.70
9.2.5 資源控制 ·················································································.71
9.3 操作系統(tǒng)加固實(shí)際操作 ·······································································.71
9.3.1 系統(tǒng)口令加固 ···········································································.71
9.3.2 系統(tǒng)賬戶優(yōu)化 ···········································································.76
9.3.3 系統(tǒng)服務(wù)優(yōu)化 ···········································································.81
9.3.4 系統(tǒng)日志設(shè)置 ···········································································.84
9.3.5 遠(yuǎn)程登錄設(shè)置 ···········································································.87
9.3.6 系統(tǒng)漏洞修補(bǔ) ···········································································.90
9.4 經(jīng)典案例分析與工具介紹 ····································································.92
9.4.1 “一密管天下” ········································································.92
9.4.2 臭名昭著的勒索病毒—WannaCry ·················································.93
9.4.3 主機(jī)安全加固軟件 ····································································.93
第10章網(wǎng)絡(luò)欺騙技術(shù) ·································································.105
10.1 綜述 ····························································································.105
10.2 網(wǎng)絡(luò)欺騙技術(shù) ················································································.105
10.2.1 蜜罐 ···················································································.106
10.2.2 影子服務(wù)技術(shù) ·······································································.113
10.2.3 虛擬網(wǎng)絡(luò)拓?fù)浼夹g(shù) ·································································.113
10.2.4 蜜標(biāo)技術(shù) ·············································································.113
10.3 欺騙技術(shù)發(fā)展趨勢 ··········································································.114
10.4 欺騙技術(shù)的工具介紹 ·······································································.114
10.5 欺騙技術(shù)運(yùn)用原則與案例 ·································································.122
10.5.1 運(yùn)用原則 ·············································································.122
10.5.2 運(yùn)用案例 ·············································································.123
第11章追蹤與溯源 ····································································.126
11.1 追蹤與溯源概述 ·············································································.126
11.1.1 追蹤與溯源的含義及作用 ························································.126
11.1.2 追蹤與溯源的分類 ·································································.126
11.2 追蹤溯源技術(shù) ················································································.127
11.2.1 網(wǎng)絡(luò)流量追蹤溯源技術(shù) ···························································.127
11.2.2 惡意代碼樣本分析溯源技術(shù) ·····················································.129
11.3 追蹤溯源工具及系統(tǒng) ·······································································.135
11.3.1 Traceroute 小程序 ··································································.135
11.3.2 科來網(wǎng)絡(luò)回溯分析系統(tǒng) ···························································.136
11.4 攻擊溯源的常見思路 ·······································································.138
11.4.1 組織內(nèi)部異常操作者 ······························································.138
11.4.2 組織內(nèi)部攻擊者 ····································································.138
11.4.3 組織外部攻擊者 ····································································.139
11.5 溯源分析案例 ················································································.139
第12章防火墻技術(shù) ····································································.143
12.1 防火墻的定義及功能 ·······································································.143
12.1.1 防火墻的定義 ·······································································.143
12.1.2 防火墻的功能 ·······································································.143
12.2 防火墻的分類 ················································································.144
12.2.1 包過濾防火墻 ·······································································.144
12.2.2 狀態(tài)檢測防火墻 ····································································.145
12.2.3 應(yīng)用代理防火墻 ····································································.146
12.3 防火墻的體系結(jié)構(gòu) ··········································································.146
12.3.1 雙重宿主主機(jī)體系結(jié)構(gòu) ···························································.147
12.3.2 主機(jī)屏蔽型體系結(jié)構(gòu) ······························································.147
12.3.3 子網(wǎng)屏蔽型體系結(jié)構(gòu) ······························································.149
12.4 防火墻的發(fā)展 ················································································.149
12.4.1 防火墻的應(yīng)用 ·······································································.149
12.4.2 防火墻的發(fā)展趨勢 ·································································.155
第13章惡意代碼分析技術(shù) ···························································.157
13.1 惡意代碼概述 ················································································.157
13.1.1 惡意代碼的概念 ····································································.157
13.1.2 惡意代碼的分類 ····································································.157
13.1.3 惡意代碼的傳播途徑 ······························································.158
13.1.4 惡意代碼存在的原因分析 ························································.159
13.1.5 惡意代碼的攻擊機(jī)制 ······························································.159
13.1.6 惡意代碼的危害 ····································································.160
13.2 惡意代碼分析技術(shù) ··········································································.160
13.2.1 惡意代碼分析技術(shù)概述 ···························································.160
13.2.2 靜態(tài)分析技術(shù) ·······································································.161
13.2.3 動態(tài)分析技術(shù) ·······································································.171
13.3 面對惡意代碼攻擊的應(yīng)急響應(yīng) ···························································.180
13.3.1 應(yīng)急響應(yīng)原則 ·······································································.180
13.3.2 應(yīng)急響應(yīng)流程 ·······································································.181
13.4 實(shí)際案例分析 ················································································.182
13.4.1 查看惡意代碼基本信息 ···························································.183
13.4.2 查看惡意代碼的主要行為 ························································.183
13.4.3 工具分析惡意代碼 ·································································.185
13.4.4 應(yīng)急響應(yīng)措施 ·······································································.186
第14章安全取證技術(shù) ·································································.187
14.1 安全取證技術(shù)基本介紹 ····································································.187
14.1.1 目標(biāo) ···················································································.187
14.1.2 特性 ···················································································.187
14.1.3 原則 ···················································································.188
14.1.4 現(xiàn)狀 ···················································································.188
14.1.5 發(fā)展趨勢 ·············································································.188
14.1.6 注意事項(xiàng) ·············································································.188
14.2 安全取證基本步驟 ··········································································.189
14.2.1 保護(hù)現(xiàn)場 ·············································································.189
14.2.2 獲取證據(jù) ·············································································.189
14.2.3 保全證據(jù) ·············································································.189
14.2.4 鑒定證據(jù) ·············································································.190
14.2.5 分析證據(jù) ·············································································.190
14.2.6 進(jìn)行追蹤 ·············································································.190
14.2.7 出示證據(jù) ·············································································.190
14.3 安全取證技術(shù)介紹 ··········································································.190
14.3.1 安全掃描 ·············································································.190
14.3.2 流量采集與分析 ····································································.193
14.3.3 日志采集與分析 ····································································.194
14.3.4 源碼分析 ·············································································.201
14.3.5 數(shù)據(jù)收集與挖掘 ····································································.201
14.4 安全取證工具介紹 ··········································································.202
14.4.1 工具概況 ·············································································.202
14.4.2 工具介紹 ·············································································.203
14.4.3 廠商研制工具 ·······································································.217
14.5 安全取證案例剖析 ··········································································.217
14.5.1 勒索病毒爆發(fā) ·······································································.217
14.5.2 網(wǎng)絡(luò)攻擊 ·············································································.219
第15章計(jì)算機(jī)病毒事件應(yīng)急響應(yīng) ··················································.222
15.1 計(jì)算機(jī)病毒事件處置 ·······································································.222
15.1.1 計(jì)算機(jī)病毒分類 ····································································.222
15.1.2 計(jì)算機(jī)病毒檢測與清除 ···························································.224
15.1.3 計(jì)算機(jī)病毒事件應(yīng)急響應(yīng) ························································.226
15.2 計(jì)算機(jī)病毒事件處置工具示例 ···························································.228
15.2.1 常用系統(tǒng)工具 ·······································································.228
15.2.2 計(jì)算機(jī)病毒分析工具 ······························································.229
15.2.3 計(jì)算機(jī)病毒查殺工具 ······························································.235
15.2.4 系統(tǒng)恢復(fù)及加固工具 ······························································.237
15.3 計(jì)算機(jī)病毒事件應(yīng)急響應(yīng)處置思路及案例 ···········································.240
15.3.1 計(jì)算機(jī)病毒事件應(yīng)急響應(yīng)思路 ··················································.240
15.3.2 勒索病毒處置案例 ·································································.240
15.3.3 某未知文件夾病毒處置案例 ·····················································.242
第16章分布式拒絕服務(wù)攻擊事件應(yīng)急響應(yīng) ······································.243
16.1 DDOS攻擊介紹 ··············································································.243
16.1.1 DoS 攻擊 ·············································································.243
16.1.2 DDoS 攻擊 ···········································································.243
16.1.3 DDoS 攻擊分類 ·····································································.244
16.1.4 DDoS 攻擊步驟 ·····································································.248
16.2 DDOS攻擊應(yīng)急響應(yīng)策略 ··································································.249
16.2.1 預(yù)防和防范（攻擊前） ···························································.249
16.2.2 檢測和過濾（攻擊時(shí)） ···························································.250
16.2.3 追蹤和溯源（攻擊后） ···························································.252
16.3 DDOS攻擊事件處置相關(guān)案例 ····························································.252
16.3.1 GitHub 攻擊（2018 年） ·························································.252
16.3.2 Dyn 攻擊（2016 年） ·····························································.254
16.3.3 Spamhaus 攻擊（2013 年） ······················································.255
16.4 DDOS常見檢測防御工具 ··································································.257
16.4.1 DDoS 攻擊測試工具 ·······························································.257
16.4.2 DDoS 監(jiān)測防御工具 ·······························································.260
第17章信息泄露事件處置策略 ·····················································.266
17.1 信息泄露事件基本概念和理論 ···························································.266
17.2 信息防泄露技術(shù)介紹 ·······································································.267
17.2.1 信息存儲防泄露技術(shù)介紹 ························································.267
17.2.2 信息傳輸防泄露技術(shù)介紹 ························································.267
17.2.3 信息使用防泄露技術(shù)介紹 ························································.268
17.2.4 信息防泄露技術(shù)趨勢分析 ························································.268
17.3 信息防泄露策略分析 ·······································································.269
17.3.1 立法 ···················································································.270
17.3.2 管控 ···················································································.270
17.3.3 技術(shù) ···················································································.271
第18章高級持續(xù)性威脅 ······························································.273
18.1 APT攻擊活動 ················································································.273
18.1.1 活躍的 APT 組織 ···································································.273
18.1.2 典型的 APT 攻擊案例 ·····························································.275
18.2 APT概述 ······················································································.276
18.2.1 APT 含義與特征 ····································································.276
18.2.2 APT 攻擊流程 ·······································································.277
18.2.3 APT 技術(shù)手段 ·······································································.278
18.3 APT攻擊的檢測與響應(yīng) ····································································.280
18.4 APT行業(yè)產(chǎn)品和技術(shù)方案 ·································································.281
18.4.1 綠盟威脅分析系統(tǒng) ·································································.282
18.4.2 天融信高級威脅檢測系統(tǒng) ························································.285
參考文獻(xiàn) ····················································································.287

你還可能感興趣

我要評論

您的姓名	驗(yàn)證碼：
留言內(nèi)容

xxxfreesexmoves-haodiaocao这里只有精品视频-欧美性受黑人性爽-欧美性受xxxxxx黑人xyx性爽|www.jsyyzsb.com