CISP Course Training Knowledge Summary. China Information Technology Security Evaluation Center. CISP Course Training Knowledge Summary (Security Overview). Topics: 1. Basic knowledge of information security assurance; 2. Information security assurance practice; 3. Information security management systems; 4. Information security risk management; 5. Basic information security management; 6. Important information security management measures; 7. Security engineering principles; 8. Security engineering practice; 9. Laws and regulations; 10. Security standards. Course content: Communications (telegraph / telephone): COMSEC, communications security. Computers: COMPUSEC, computer security. Information system security. Information security assurance. Cyberspace security / information security assurance: INFOSEC. Networks.
CISP 2
CISP
45
COMSEC, COMPUSEC, INFOSEC, IA (CS/IA). GB/T 20274.1-2006. P2DR model (P2DR). IA, IATF.
ISMS (Information Security Management System). GB/T 22080-2008. PDCA cycle: Plan, Do, Check, Act.
ISO 27000 series (27000 to 27003, 27004 to 27007):
27000
27001
27002
27003
27004
27005
27006
27007
ISO 27001 Annex A. ISMS process phases:
P (Plan)
D (Do)
C (Check)
A (Act)
32P1-ISMSP2-ISMSP3-P4-P5-P6-P7-SoA
33D1-D2-D3-D4-
D5-ISMSD6-ISMS
D7-D8-34C1-ISMSC2-ISMSC3-ISMSC4-C5-C6-C7-C8-C9-C10-C11-ISMS
35A1-ISMS
A2-
A3-ISMS
A4-36
40GB/Z 24364
+=41
Risk terminology:
Asset
Threat Agent
Threat
Vulnerability
Countermeasure (safeguard, control)
Likelihood (probability)
Impact (loss)
Risk
Residual Risk
GB/Z 24364. Readiness, Realization, Calculation, Report. SLA.
46GB/T 20984-2007
Risk value = R(A, T, V) = R(L(T, V), F(Ia, Va)), where R is the risk calculation function, A the asset, T the threat, V the vulnerability, Ia the asset value, Va the severity of the vulnerability, L the likelihood of a security incident, and F the loss once the incident occurs.
Quantitative risk analysis steps:
1. AV (asset value)
2. SLE (single loss expectancy): SLE = AV x EF, where EF is the exposure factor
3. ARO (annualized rate of occurrence)
4. ALE (annualized loss expectancy): ALE = SLE x ARO
5.
6. ROSI (return on security investment), derived from the ALE before and after the control
GB/T 22081:2008 (ISO/IEC 27002:2005): 11 domains, 39 control objectives, 133 controls.
Emergency Response Plan. RPO / RTO. GB/T 20988.
SSE-CMM. CMM (Capability Maturity Model). SSE-CMM has two dimensions: the Capability Dimension and the Domain Dimension.
SSE-CMM structure: PA (Process Area), BP (Base Practice). Each PA is made up of BPs; SSE-CMM defines 22 PAs and 129 BPs. Process Capability: GP (Generic Practice), CF (Common Feature); capability levels 0 to 5.
The 22 PAs are divided into Engineering PAs, Organization PAs and Project PAs. The 11 Engineering PAs:
PA01 Administer Security Controls
PA02 Assess Impact
PA03 Assess Security Risk
PA04 Assess Threat
PA05 Assess Vulnerability
PA06 Build Assurance Argument
PA07 Coordinate Security
PA08 Monitor Security Posture
PA09 Provide Security Input
PA10 Specify Security Needs
PA11 Verify and Validate Security
Organization and Project PAs: PA12 to PA22.
84 85ISSEISSE
8889CISP 40
901 285286287285912 28528628728628792 29
4247689393 1011
10 11 94 1195119892010429101
95 2---30---20---1096 3---97 448 98///// / / 9999
GB GB/T GB/Z
102( WG1)(WG2WG3WG4WG5WG6 WG7103
TCSEC; GB/T 18336 (CC). CC concepts: TOE, PP, ST, EAL; CEM. GB/T 20274.
TCSEC (1970s, published 1985): divisions A, B, C, D; classes A1, B3, B2, B1, C2, C1, D.
ITSEC: extends TCSEC with functionality classes F1 to F10 (F1 to F5 correspond to TCSEC D through A; F6 to F10 are additional) and assurance levels E1, E2, E3, E4, E5, E6.
CC: started 1993; V1.0 in 1996; V2.0 in 1998; adopted by ISO in 1999 as ISO/IEC 15408 (merging ITSEC and FC). CC terms: TOE (Target of Evaluation), PP (Protection Profile), ST (Security Target), Function, Assurance, Component, Package, EAL (Evaluation Assurance Level).
Standards referenced: ISO 27001, ISO 27002, CoBIT, ITIL, GB/T 20984, GB/Z 24364, GB/Z 20985, GB/Z 20986, GB/T 20988.
GB/T 22240, GB/T 22239.
1994 State Council Decree No. 147; GB 17859-1999.
112CISP
114 194919491949197519491975 1976
Stream cipher.
Block ciphers: DES, IDEA, RC2, RC4, RC5. Stream ciphers: one-time pad, Vigenere, Vernam.
DES: 56-bit key; 3DES; IDEA: 128-bit key; AES.
Symmetric key distribution: with n users, n(n-1)/2 keys are needed.
119RSADH119N N. 120121AB
A BA
B
A
A
VPN. VPN protocols: PPTP (Point to Point Tunneling Protocol), L2TP (Layer 2 Tunneling Protocol), IPSec (Internet Protocol Security), SOCKS.
VPN types: VPDN (Virtual Private Dial Network), Intranet VPN, Extranet VPN.
VPN tunneling protocols: PPTP, L2F, L2TP, IPSec, SSL.
VPN.
PKI (Public Key Infrastructure). PKI/CA.
CA.
RA.
132132
133133
134134 -
135135 136
Access control: MAC, DAC, ACL (Access Control List), Capability List, Bell-LaPadula, Biba, Clark-Wilson, Chinese Wall, RBAC.
Model history: BLP (Bell-LaPadula) 1973; Biba 1977 (Biba is the integrity counterpart of BLP); Clark-Wilson 1987 (David Clark, David Wilson); Chinese Wall 1989 (D. Brewer, M. Nash).
Authentication factors: what you know, what you have, what you are.
AAA protocols: RADIUS, TACACS, TACACS+, Diameter.
144P2P
145
TCP/IP and the OSI model. TCP/IP protocols: TCP, UDP, ICMP, IP, IGMP, ARP, RARP. IP is unreliable and connectionless.
TCP header: 16-bit, 16-bit, 32-bit and 32-bit fields, six flag bits U A P R S F (URG, ACK, PSH, RST, SYN, FIN), then two 16-bit fields. UDP header: four 16-bit fields.
15315312WEP5Walker
WAPI
WAPI154154WAPI1WAPI23WAPI4WAPI5WAPI155IPVLAN
IDS types: Network IDS (NIDS), Host IDS (HIDS).
Deployment diagram (Internet / Intranet): HIDS on hosts, NIDS on network segments.
IPS, SOC, UTM, NAC.
Linux: passwd and shadow files; root; su; root shell.
SUID/SGID.
# ls -al test
drwxr-xr-x 3 root root 1024 Sep 13 11:58 test
Unix permissions: position 1 is d, - or l (directory, regular file, symbolic link); positions 2 to 10 are r, w, x in three groups of three (the 9 mode bits).
umask. Example mode rwxr-xr-x. Special bits: sticky, sgid, suid; shown as rwsr-sr-t.
-r-s--x--x 1 root root 10704 Apr 15 2002 /usr/bin/passwd
   ^ SUID bit
Windows boot: MBR, NTLDR, Boot.ini, Ntdetect.com, BIOS, SYSTEM, Ntoskrnl.exe, Smss.exe.
167WindowsSAMWindows168WindowsWindowsACL()WFPWindowsEFS
169WindowsDLL
170Windows171()DNSIISFTP
172Windows
--
Windows(U)173173Windows2000/XP/2003$WINNTWindowsADMIN$.EFSsyskeySAM
SQL statements: CREATE, DROP, ALTER; SELECT, INSERT, UPDATE, DELETE; GRANT, REVOKE, DENY; BEGIN, COMMIT, ROLLBACK; DECLARE, EXPLAIN, OPEN, FETCH, CLOSE, PREPARE, EXECUTE, DESCRIBE.
SQL views: CREATE VIEW ... [( ... )] AS ... [WITH CHECK OPTION] [CONSTRAINT constraint]
PRIMARY KEY, FOREIGN KEY. Begin Transaction / End Transaction.
Web: HTTP; IIS.
186FTPVPNFTP
187FTP/FTP[PR85]FTPFTPFTP
-!190190
193 Autoexec.bat /Config.sys/win.ini/system.ini /IE
194DLLHook195196
197:
TOE. Vulnerability databases: CVE (Common Vulnerabilities & Exposures), NVD, Secunia, SecurityFocus Bugtraq, IBM ISS X-Force, CNNVD.
CNNVD (China National Vulnerability Database of Information Security).
204Dynamic taint analysisxyxt(y)ttyytaint sink204
IP
207-208
Spoofing: IP Spoof, DNS, ARP, TCP.
Denial of service: SYN Flood, UDP Flood, Teardrop, LAND, Smurf.
SQL Injection example from the slides:
http://www.test.com/showdetail.asp?id=49 And (Select top 1 table_name from user.tables);--
Select * from where =49 And (update user set passwd=123 where username=admin);
213Security Development Lifecycle (SDL)SDL214
SDL215
12ASR3Threat Modeling216217218219CISPCISPCISECISO10%10%50%30%20%40%10%10%10%10%2212B2 10015
222A010
223224http://www.cisphome.cn
PKI security services:
Confidentiality
Integrity (TimeStamp)
Availability: N/A
Authentication
Non-repudiation
Authorization & Access Control: N/A