The primary remaining problem in key management is a technical issue, namely how to locate the certificate for a certain machine or person. Some basic requirements on the facility used to locate the certificate can easily be identified. It must be accessible everywhere. It should be practical to operate, in the sense that it should not be extremely expensive or cause administrative hassle. Preferably it should be distributed, because a central world-wide organization to store all certificates is not feasible to implement. However, the facility does not need to be secure, although if it were, that would create additional value.

Information Technology (IT) Security Essential Body of Knowledge (EBK)
A Competency and Functional Framework for IT Security Workforce Development
Office of Cybersecurity and Communications, National Cyber Security Division
September 2008 - Final v1.3
United States Department of Homeland Security, Washington D.C. 20528

Table of Contents

1 Introduction
  1.1 Overview
  1.2 Background
  1.3 Purpose
  1.4 Scope
  1.5 Review Cycle
  1.6 Document Organization
2 IT Security Competency Areas
  2.1 Data Security
  2.2 Digital Forensics
  2.3 Enterprise Continuity
  2.4 Incident Management
  2.5 IT Security Training and Awareness
  2.6 IT Systems Operations and Maintenance
  2.7 Network and Telecommunications Security
  2.8 Personnel Security
  2.9 Physical and Environmental Security
  2.10 Procurement
  2.11 Regulatory and Standards Compliance
  2.12 Security Risk Management
  2.13 Strategic Security Management
  2.14 System and Application Security
3 IT Security Key Terms and Concepts
  3.1 Data Security
  3.2 Digital Forensics
  3.3 Enterprise Continuity
  3.4 Incident Management
  3.5 IT Security Training and Awareness
  3.6 IT Systems Operations and Maintenance
  3.7 Network and Telecommunications Security
  3.8 Personnel Security
  3.9 Physical and Environmental Security
  3.10 Procurement
  3.11 Regulatory and Standards Compliance
  3.12 Security Risk Management
  3.13 Strategic Security Management
  3.14 System and Application Security
4 IT Security Roles, Competencies, and Functional Perspectives
  4.1 Chief Information Officer
  4.2 Digital Forensics Professional
  4.3 Information Security Officer
  4.4 IT Security Compliance Officer
  4.5 IT Security Engineer
  4.6 IT Security Professional
  4.7 IT Systems Operations and Maintenance Professional
  4.8 Physical Security Professional
  4.9 Privacy Professional
  4.10 Procurement Professional
5 The IT Security Role, Competency, and Functional Matrix