Short answer: what is information security

Question 1: Briefly describe the importance of information security

Information security covers a wide range of concerns, from matters as large as national military, political and other state secrets to matters as small as preventing the leakage of commercial secrets, keeping young people from browsing undesirable information, and preventing the leakage of personal information. In a networked environment, the information security system is the key to ensuring information security. It includes secure computer operating systems, various security protocols, and security mechanisms (digital signatures, information authentication, data encryption, etc.), up to the security system as a whole; a security loophole in any one of them can threaten overall security. Information security services should at least include the basic theory that supports information network security services, and a network security service architecture based on the new generation of information network architecture.

Importance

Actively Promoting Information Security Level Protection

Information, as a resource, is of particular importance to mankind because of its ubiquity, *** enjoyment, value-addedness, processability, and multi-utility. The essence of information security is to protect the information resources in an information system or information network from all types of threats, interference and damage, i.e. to ensure the security of information. According to the definition of the International Organization for Standardization, information security mainly refers to the integrity, availability, confidentiality and reliability of information. Information security is an issue to which any country, ***, sector or industry must pay great attention, and it is a national security strategy that cannot be ignored. However, different sectors and industries have different requirements for, and emphases on, information security.

China's reform and opening up has brought a sharp increase in the amount of information in all areas, and this information must be transmitted with high capacity and high efficiency. To meet this need, communication technology has undergone unprecedented, explosive development. At present, in addition to wired communications, short-wave, ultra-short-wave, microwave, satellite and other radio communications are being used more and more widely. At the same time, foreign hostile forces, in order to steal our country's political, military, economic, scientific and technological secrets, use reconnaissance stations, reconnaissance ships, reconnaissance planes, satellites and other means to form a three-dimensional reconnaissance network that combines fixed and mobile, long-distance and short-distance, and aerial and terrestrial collection, in order to intercept information in our country's communication transmissions.

It has long been commonplace to learn the inner workings of a society from its literature. In the last 50 years of the 20th century, it became easier and easier to learn them from the computers a society owns. Institutions and individuals alike are entrusting an ever-increasing number of things to computers: sensitive information is transferred between computer systems over fragile communication lines; proprietary information is stored in computers or transferred between them; electronic banking allows financial accounts to be accessed over communication lines; law enforcement learns about criminals' pasts from computers; and doctors manage medical records with computers. In all of this, the most important issue is that information must not be transmitted without safeguards against illegal (unauthorized) acquisition (access).

There are many ways of transmitting information, including local computer networks, the Internet and distributed databases, cellular wireless, packet-switched wireless, satellite videoconferencing, e-mail and various other transmission technologies. While information is being stored, processed and exchanged, it may be leaked, intercepted, eavesdropped on, tampered with or forged. It is not difficult to see that a single confidentiality measure can hardly ensure the security of communications and information. A variety of confidentiality measures must be applied together, that is, technical, managerial and administrative means must be used to protect the source, the signal and the information, the three links, in order to keep secret information secure.

Question 2: What are the three basic attributes of information security?

The basic attributes of information security are mainly manifested in the following five aspects:

(1) Confidentiality

That is, ensuring that information is available only to authorized persons and is not leaked to unauthorized persons.

(2) Integrity

That is, ensuring that information travels from the real sender to the real recipient and that illegitimate users have not added to, deleted from or replaced it in transit.

(3) Availability

That is, ensuring that information and information systems can serve authorized persons at any time, and that legitimate users' use of information and resources is not unreasonably refused.

(4) Controllability

That is, in the interests of the state and institutions and for the needs of social management, ensuring that managers can exercise the necessary control over information in order to combat crime and aggression by foreign enemies.

(5) Non-repudiation

That is, people are held responsible for their own information-related actions, and the information evidence that notarization and arbitration require is available so that society can be managed according to law.

This should be a newer definition; this is my field. The basic attributes, then, are confidentiality! Integrity! Undeniability!!!

Question 3: Briefly describe the five basic elements of computer information security?

Availability: Authorized entities can access resources and services when they need them. Availability means that the information system must be usable whenever the user needs it, that is, the information system cannot refuse service. The most basic function of a network is to provide users with the information and communication services they require, and users' communication requirements are random, multifaceted (voice, data, text, images, etc.) and sometimes time-critical. The network must always be able to meet users' communication requirements. Attackers usually use resource-hogging tactics to hinder the work of authorized persons. Access control mechanisms can be used to prevent unauthorized users from accessing the network, thus ensuring the availability of the network system. Enhancing availability also includes effectively avoiding system failures caused by disasters of various kinds (wars, earthquakes, etc.).

Reliability: Reliability is the probability that a system completes its specified functions under specified conditions and within a specified time. Reliability is one of the most basic requirements of network security: if the network is unreliable and accidents keep occurring, there can be no network security. At present, research on network reliability focuses mainly on hardware reliability. Developing highly reliable components and equipment and adopting reasonable redundancy and backup measures remain the most basic reliability countermeasures; however, many failures and accidents are related to software reliability, personnel reliability and environmental reliability.

Integrity: The property that information is not destroyed by accidental or intentional deletion, modification, forgery, reordering, replay, insertion and so on. Only those with permission can modify an entity or process, and it must be possible to tell whether the entity or process has been tampered with. That is, the content of information cannot be modified by unauthorized third parties. Information is not modified or destroyed during storage or transmission, and information packets are not lost or put out of order.

Confidentiality: Confidentiality means ensuring that information is not exposed to unauthorized entities or processes. That is, the content of the information does not become known to unauthorized third parties. The information referred to here includes not only state secrets but also the work and commercial secrets of social groups and business organizations, personal secrets and personal privacy (such as browsing habits and shopping habits). Security technology that prevents the theft and leakage of information is called confidentiality technology.

Non-repudiation: also known as undeniability. Non-repudiation is a security requirement on the authenticity and consistency of information exchanged between two communicating parties (people, entities or processes); it means that neither the sending nor the receiving party can deny its part. The first aspect is proof of origin, which gives the receiver of the message evidence that defeats any attempt by the sender to falsely claim not to have sent the information or to deny its content; the second is proof of delivery, which gives the sender of the message evidence that defeats any attempt by the receiver to falsely claim not to have received the information or to deny its content.

Question 4: Briefly explain what information security level protection is, and what are the specific levels of security level protection of information systems?

It refers to applying security protection, level by level, to the proprietary information and *** information of national security, legal persons, other organizations and citizens, and to the information systems that store, transmit and process such information; managing by level the information security products used in those information systems; and responding to and handling by level the information security events that occur in them.

Protection is divided into five levels, with level 1 the lowest and level 5 the highest:

Level 1: user autonomy protection level;

Level 2: system audit protection level;

Level 3: security label protection level;

Level 4: structured protection level;

Level 5: access authentication protection level.

As a simple analogy for the levels, you can think of it this way: ordinary county-level systems generally count as level 1 to 2 or so; prefecture and municipal systems are level 2, with the more important ones at about level 3; most provincial departments reach level 3, with the important ones at level 4, though not many; level 4 becomes more common at state ministries and commissions; and systems at the national security level are level 5.

Question 5: Please briefly describe the common information security protection methods

Common information security protection methods:

1. disable unnecessary services; 2. install patches; 3. install security products; 4. improve security awareness; 5. develop good habits; 6. back up data in a timely manner.

Question 6: Briefly describe the characteristics of information security

Information security features:

- Offensive and defensive: offensive and defensive techniques improve in alternation

- Relativity: information security is always relative; enough for the purpose is enough

- Supporting: information security always plays a supporting role; security cannot be pursued for its own sake, and the application being secured takes the lead

- Dynamic: information security is a continuous process

Six aspects of information security:

- Confidentiality (C): the property that information is not leaked to unauthorized users, entities or processes

- Integrity (I): the property that data cannot be changed without authorization, i.e. information remains unmodified, undamaged and not lost while it is stored or transmitted.

- Availability (A): the property that information can be accessed by authorized entities and used on demand, that is, the required information can be accessed when it is needed.

- Authenticity: the authenticity of the content

- Verifiability: the ability to control the dissemination and content of information; access control is one such control.

- Reliability: system reliability

Question 7: Short Answer What is network management

Network management is the necessary means of ensuring that a network operates safely, reliably, efficiently and stably. CIMS network management means monitoring, analyzing and controlling the CIMS network to ensure that CIMS network services are delivered effectively. As networks grow in scale and complexity, network management has become an essential part of the whole network system. From the user's point of view, a network management system should meet the following requirements:

①Support the ability to monitor and control the network at the same time;

②Ability to manage all the network protocols;

③The largest possible management scope;

④The smallest possible system overhead;

⑤Ability to manage the connecting devices of different manufacturers;

⑥ Accommodate different network management systems.

Currently, the main standards for network management are OSI's CMIP and IETF's SNMP. Essentially, SNMP is a simplification of CMIP. With the development of the Internet and the widespread use of intranets in enterprises, IETF's SNMP has become the main protocol for enterprise network management. According to the OSI network management framework and the network characteristics of CIMS, a CIMS network management system must have the following functions:

(1) Fault management. Fault management is a basic network management function. It covers fault detection, fault diagnosis and recovery, and its purpose is to ensure that the network can provide continuous and reliable service. Unexpected interruptions of CIMS network service often have a great impact on the production and operation of the enterprise. Moreover, when a fault occurs in a large enterprise's CIMS network, it is often difficult to determine the point of failure, so fault management must provide a set of methods and tools for isolating the fault step by step and finally locating it. A good fault management system should be able to find faults in a timely manner (including finding potential faults through analysis and statistics) and locate the point of failure accurately.

(2) Configuration management. A CIMS network is made up of a variety of connected devices with different functions and attributes. Configuration management is the process of defining, collecting, monitoring and managing the parameters of these devices, and of dynamically modifying and configuring those parameters to optimize the performance of the entire network. Configuration management functions include, at a minimum, identifying the topology of the managed network, identifying individual objects in the network, automatically modifying device configurations, and dynamically maintaining a network configuration database.

(3) Performance management. Performance management mainly comprises traffic management and route management. By collecting, analyzing and compiling statistics on a variety of network information (traffic, users, resources accessed, access frequency, etc.), it balances the load across the entire network, distributes network traffic sensibly, improves the utilization of network resources and the throughput of the entire network, and avoids network overload and deadlock.

(4) Billing management. Billing management mainly records the use of network resources, calculates the cost of using them, and controls excessive occupation of network resources by users, so as to improve network efficiency. Where network resources are paid for, the billing management function can count which users used which communication line, how much information they transmitted, what resources they accessed, and so on. Billing management is therefore an important network management function of commercial computer networks.

(5) Security management. The main purpose of network security management is to ensure that network resources are not used illegally and that the network management system itself is not accessed without authorization. Network security management mainly includes authorization management, access control management, and security check tracking and event handling.

The ISO defines five major functions of network management in the ISO/IEC 7498-4 document, which is widely accepted. These five functions are:

1. Fault management

Fault management is one of the most basic functions of network management. Users want a reliable computer network; when a network component develops a problem, the network administrator must find the fault quickly and eliminate it promptly.

2. Billing management

Billing management records the use of network resources in order to control and monitor the costs and expenses of network operation. It is particularly important for some public **** commercial networks.

3. Configuration management

Configuration management is also important. It is responsible for initializing and configuring the network so that it provides network services.

4. Performance management

As the name implies, performance management assesses how well the system's resources are running and how efficiently communication is taking place.

5. Security management

Security has always been one of the weaknesses of the network, and user requirements for network security have been quite high....

Question 8: Short answer questions on computer network security

1. (1) Firewalls exclude unauthorized users from protected networks, prohibit security-threatening services from entering or leaving the network, and prevent all kinds of IP theft and routing attacks.

(2) Firewalls can monitor security-related events.

(3) Firewalls can provide a convenient platform for several non-security related Internet services.

(4) Firewalls can serve as a platform for IPSec.

2. Plaintext: the message that needs to be hidden.

Ciphertext: the hidden form into which the plaintext is transformed.

Key: determines the mapping from plaintext to ciphertext. The encryption algorithm uses the key for encryption and the decryption algorithm uses the key for decryption.

Encryption algorithm: the set of rules used to encrypt the plaintext.

Decryption algorithm: the set of rules used to decrypt the ciphertext.

3. Principles of intrusion detection technology:

(1) monitoring and analysis of user and system activities;

(2) auditing of the system's structure and weaknesses;

(3) identification of activity patterns that reflect known attacks, and alerting of the relevant people;

(4) statistical analysis of abnormal behavior patterns;

(5) assessment of the integrity of critical systems and data files;

(6) audit trail management of the operating system and identification of user violations of security policy.

4. Computer virus: a program that can "infect" other programs by modifying them; the modified program contains a copy of the virus program and can go on to infect other programs.

5. Analysis of technology development trends

1. Firewall technology development trends

In an era of rampant hybrid attacks, a single-function firewall is far from able to meet business needs, while the advantages of technology that combines multiple security functions, defense at the application protocol layer, detection with a low false alarm rate, a highly reliable and high-performance platform, and unified component management will become increasingly apparent. UTM (Unified Threat Management) technology came into being as a result.

As a concept, UTM defines not only a specific product form but also a more far-reaching logical scope. Under the first half of the definition, the multi-functional security gateways, integrated security gateways and all-in-one security devices that many vendors have proposed all fit the UTM concept; the second half of the definition reflects the deep understanding of security management that the information security industry has reached after years of development, and its in-depth study of the availability and linkage capabilities of security products.

The functions of UTM are shown in Figure 1. Because a UTM device is an in-line security device, it must itself offer good performance and high reliability. At the same time, under a unified product management platform, UTM combines firewall, VPN, gateway antivirus, IPS, protection against denial-of-service attacks and many other product functions in one device to provide a variety of defenses. A UTM device should therefore have the following characteristics.

(1) Defense across the network security protocol layers. A firewall provides simple protection at layers two to four, mainly protecting and controlling static information such as IP addresses and ports. Real security, however, cannot stop at the lower layers. A higher, stronger and more reliable wall is needed that, in addition to traditional access control, provides integrated detection and handling of external threats such as spam, denial of service and hacking, so that protection covers all seven protocol layers rather than only layers two to four.

(2) Reduce the false alarm rate through classified detection technology. If an in-line gateway device produces too many false positives, the consequences for the user are catastrophic. The concept of IPS was introduced in the 1990s, but IPS deployment around the world has been very limited, and one of the major problems affecting deployment is the false positive rate. Classified detection technology applies different detection techniques to different attacks, such as denial-of-service attacks, worm and hacker attacks, spam attacks and violating SMS attacks, and thereby significantly reduces the false alarm rate.

(3) Supported by a highly reliable, high-performance hardware platform.

(4) Integrated, unified management. Because a UTM device combines many functions in one, it must have a platform for unified control and management so that users can manage it effectively. The device platform can then be standardized and scalable, and users can manage components on a unified platform; at the same time, integrated management eliminates the information islands that arise when information products cannot communicate with one another, so as to respond to a variety of ......

Question 9: Briefly explain the differences and links between computer security, network security, information security concepts

Definition of computer security

The International Committee for Standardization defines computer security as: the technical and managerial security protection established and adopted for a data processing system to protect computer hardware, software and data from damage, alteration or disclosure due to accidental or malicious causes.

The U.S. Department of Defense's National Computer Security Center defines it as follows: to discuss computer security, one must first discuss a statement of security requirements. In general, a secure system will use a number of specialized security features to control access to information, so that it can be read, written, created and deleted only by appropriately authorized people, or by processes acting in the name of those people.

The Computer Management and Supervision Department of China's Ministry of Public Security defines it as follows: computer security refers to the security of computer assets, i.e. the resources of the computer information system and its information resources are not subject to threats and harm from natural and man-made harmful factors.

Definition of network security

The International Organization for Standardization (ISO) defines computer system security as the technical and managerial security protection established and adopted for data processing systems to protect computer hardware, software, and data from destruction, alteration, and leakage due to accidental and malicious reasons. From this, the security of the computer network can be understood as: through the use of a variety of technical and managerial measures to enable the normal operation of the network system, thereby ensuring the availability, integrity and confidentiality of network data.

Information security

Information security covers a wide range of concerns, from matters as large as national military and political security to matters as small as preventing the leakage of commercial secrets, keeping young people from browsing undesirable information, and preventing the leakage of personal information. In a networked environment, the information security system is the key to ensuring information security. It includes secure computer operating systems, various security protocols, and security mechanisms (digital signatures, information authentication, data encryption, etc.), up to the security system as a whole; a security vulnerability in any one of them can threaten overall security. Information security services should at least include the basic theory that supports information network security services, as well as a network security service architecture based on the new generation of information network architecture.

Information security is a comprehensive discipline involving computer science, network technology, communication technology, cryptography, information security technology, applied mathematics, number theory, information theory, and many other disciplines.