The words of the great God in those years (the classic sayings must be seen)

Source: Internet
Author: User

question 1: from the beginning to organize the relevant security operations, to fully comb clear, how much manpower costs, time costs? Especially for relatively small enterprises (mainly about 10 developers, operation and maintenance concept, network security awareness is weak), that is, in the first stage to the second phase between the implementation is more difficult?

A: Our company currently has 1 security personnel, operations and maintenance personnel about 10. Time cost is to see the size of the business, you can according to the existing business planning, deal with the old debt, for small and medium-sized enterprises, I think six months, up to a year is enough. The first stage can be half a year, the second phase will be slightly longer


Question 2: How to standardize the next operation, the recent company system is not too stable, resulting in customer complaints, we do operations can only back this pot. It's annoying.
Answer: How to annotate, this is too general. Can find the pain point, the focus is how to solve the pain point, you can find more industry operators to learn some of the solutions, or other counterparts, only the passive initiative will not "back pot."


Question 3: How does your company prevent DDoS attacks, and what is the usual way to do so?
A: We are currently preventing part of DDoS from being blocked by operators, and we have purchased commercial acceleration music to protect


Question 4: What do you do about unified Licensing & Authorization Verification & log auditing in Linux system account management?
A: We are also beginning to do Llinux account management This block, the first root permission to recover, other detection server survival account, unnecessary accounts are to be disabled. Only operations administrators can have root privileges, and other permissions that require access are assigned to normal user rights. Our log is still in the shop, planning elk Way, we use 4A system, can solve the unified account, strategy, audit, certification


Question 5: is your company logged in with a password or a key login? How to prevent employees to log on to the company intranet server after leaving? In addition, each operation has the ability to crash the server database, how to restrict access to the login?

A: We are logged in with a password. All permissions are recycled after the employee leaves, especially the VPN channel. Our database is operated only by DBAs. Database crashes are generally SQL associated query redundancy, no optimizations. You can limit the logging of SQL queries, such as adding top1000. We have developed a database query platform that can audit all SQL queries, as well as sensitive record masking


Continuous collection Updates ...

This article is from the "Wsyht90 blog" blog, make sure to keep this source http://wsyht90.blog.51cto.com/9014030/1846544

The words of the great God in those years (the classic sayings must be seen)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.