CCT Information Security

Basic information

The National Computer Grade examination three level course--Information security Technology (2016 edition)

Written by the examination center of the Ministry of Education

Publishing house: Higher Education Press

Publication date: 2015-12-1

isbn:9787040443035

Edition: 1

Number of words: 670000

Printing time: 2015-12-1

Folio: 16 Open

Package: Plain

Price: 55.00 RMB

Content Introduction

The book is based on the Ministry of Education Test Center, the national computer Grade three Information security Technology Examination Syllabus (2013 edition) was prepared. The main contents include: Introduction of information security assurance, basic technology and principle of information security, system security, network security, application security, information security management, information security standards and regulations.
The book is comprehensive and systematic, covering almost all knowledge in the field of information security, and focusing on the relationship and cohesion between knowledge, and this book is aimed at information security engineering and practice, and introduces the latest technology of information security and its development trend.
This book can be used as a review book for the third level examination of computer grade examination, also can be used as teaching material of information security technology in higher education, and also as a reference for social readers.

Directory

The 1th chapter of Information Security Assurance Overview
1.1 Information Security Support background
1.1.1 Information technology and its development stage
The impact of 1.1.2 information technology
1.2 Information Security Assurance Foundation
1.2.1 Information Security Development stage
1.2.2 The meaning of information security
The security risks of 1.2.3 information system
1.2.4 The root cause of information security problems
The position and function of 1.2.5 information security
1.2.6 Information Security Technology
1.3 Information Security assurance System
1.3.1 Framework of Information Security assurance system
Security model and technical framework of 1.3.2 Information system
1.4 Basic practice of information security Assurance
A survey of information security assurance at home and abroad 1.4.1
1.4.2 The content of information security guarantee work
Summary
Exercises
The 2nd Chapter Information Security Basic technology and principle
2.1 Cryptographic Technology
2.1.1 Symmetric and asymmetric passwords
2.1.2 Hash function
2.1.3 Digital Signature
2.1.4 Key Management
2.2 Certified Technology
2.2.1 Message Authentication
2.2.2 Identity Verification
2.3 Access Control Technology
2.3.1 Access Control model
2.3.2 Access Control Technology
2.4 Audit and monitoring technology
2.4.1 Audit and monitoring fundamentals
2.4.2 Audit and monitoring technology
Summary
Exercises
3rd Chapter System Security
3.1 Operating system security
3.1.1 Operating system security Fundamentals
3.1.2 Operating system security practices
3.2 Database Security
3.2.1 Database Security Fundamentals
3.2.2 Database Security Practices
Summary
Exercises
The 4th Chapter Network security
4.1 Network Security Fundamentals
4.1.1 TCP/IP protocol architecture
4.1.2 Network protocol
4.2 Cyber security threat technology
4.2.1 Scanning Technology
4.2.2 Network sniffing
4.2.3 Network Protocol Spoofing
4.2.4 Decoy Attack
4.2.5 exploit technology of software vulnerability attack
4.2.6 denial of Service attacks
4.2.7 Web scripting attacks
4.2.8 Remote Control
4.3 Network Security Protection Technology
4.3.1 firewall
4.3.2 Intrusion detection system and intrusion prevention system
4.3.3 PKI
4.3.4 VPN
4.3.5 Network Security Protocol
Summary
Exercises
The 5th Chapter application Safety
5.1 Software vulnerabilities
5.1.1 The concept and characteristics of software vulnerabilities
5.1.2 Classification of software vulnerabilities
5.1.3 Vulnerability Library
5.1.4 Common software Vulnerabilities
5.1.5 software exploit and its protection technology
The development trend of 5.1.6 Software vulnerability
5.2 Software Security Development
5.2.1 Software Development Life cycle
5.2.2 Software Security Development
5.2.3 Software Security Development life cycle
5.3 Software Security Detection
5.3.1 software static security detection technology
5.3.2 software dynamic Security detection technology
5.3.3 software static and dynamic combination security detection technology
5.4 Software Security
5.4.1 Basic concept of software security
5.4.2 Software protection technology based on software technology
5.4.3 Software security protection technology based on hardware media
5.5 Malicious programs
5.5.1 Classification of malicious programs
5.5.2 Malicious program propagation mode and destruction function
5.5.3 Malicious program Detection Avira Technology
Prevention of 5.5.4 Malicious program
5.6 Web Application System security
5.6.1 Web Security Threats
5.6.2 Web Security Protection
5.6.3 Web Security Detection
Summary
Exercises
6th Chapter Information Security Management
6.1 Information Security management system
6.1.1 establishing an information security management framework
The concrete implementation of the 6.1.2 ISMS framework
6.1.3 Information Security management System audit
6.1.4 Information Security management System review
6.1.5 Information Security Management System certification
6.2 Information Security Risk management
6.2.1 About Risk Management
6.2.2 Risk Identification
6.2.3 Risk Assessment
6.2.4 Risk Control Strategy
6.3 Information Security Management measures
6.3.1 Basic Safety management measures
6.3.2 Important Safety Management process
Summary
Exercises
7th Chapter Information Security Standards and regulations
7.1 Information Security Standards
7.1.1 Safety Standardization Overview
7.1.2 Information Security Standardization Organization
7.1.3 Information Security Assessment standard
7.1.4 Grade Protection Standard
7.1.5 Level protection Basic requirements
7.2 Information security related regulations and national policies
7.2.1 The challenge of China's Information network security
7.2.2 Important Information security regulations in force
7.2.3 National Policy on information security
7.3 Code of Ethics for information security practitioners
Summary
Exercises
Appendix 1 National Computer grade examination level Three information security Technology Examination Syllabus (2013 edition)
Appendix 2 The National Computer Grade examination level three information security technical sample question and the reference answer
Reference documents

CCT Information Security