52ky 发表于 2022-9-13 13:48:07

信息安全技术 信息系统安全等级保护基本要求

不一样等级的信息系统应具有的基本安全维护才能如下:第一级安全维护才能:应可以防护系统免受来自己人的、具有很少资源的要挟源建议的恶意攻击、通常的天然灾祸、以及其他适当危害程度的要挟所形成的关键资源危害,在系统遭到危害后,可以恢复部分功能。第二级安全维护才能:应可以防护系统免受来自外部小型安排的、具有少数资源的要挟源建议的恶意攻击、通常的天然灾祸、以及其他适当危害程度的要挟所形成的首要资源危害,可以发现首要的安全漏洞和安全事情,在系统遭到危害后,可以在一段时间内恢复部分功能。第三级安全维护才能:应可以在一致安全策略下防护系统免受来自外部有安排的集体、具有较为丰厚资源的要挟源建议的恶意攻击、较为严峻的天然灾祸、以及其他适当危害程度的要挟所形成的首要资源危害,可以发现安全漏洞和安全事情,在系统遭到危害后,可以较快恢复绝大部分功能。第四级安全维护才能:应可以在一致安全策略下防护系统免受来自国家级其他、敌对安排的、具有丰厚资源的要挟源建议的恶意攻击、严峻的天然灾祸、以及其他适当危害程度的要挟所形成的资源危害本资料共包括以下附件:
信息安全技术信息系统安全等级维护基本要求.pdf
包括多个文件,请自行下载检测!

(The basic security maintenance capabilities that different levels of information systems should have are as follows: The first level of security maintenance capabilities: It should be able to protect the system from malicious attacks suggested by threats sources with few resources, common natural disasters, As well as other critical resource hazards formed by threats of appropriate damage levels, after the system is compromised, some functions can be restored. Second-level security maintenance capability: It should be able to protect the system from malicious attacks suggested by external small organizations, threat sources with few resources, common natural disasters, and other threats to the primary resources of the appropriate degree of damage. Find the most important security vulnerabilities and security incidents, after the system is compromised, you can restore some functions within a period of time. The third-level security maintenance capability: it should be able to protect the system from malicious attacks, serious natural disasters, and other threats of appropriate degree of harm from externally organized groups, threat sources with relatively rich resources, under a consistent security strategy The primary resource damage formed can find security loopholes and security incidents, and after the system is compromised, most functions can be quickly restored. Level 4 security maintenance capability: It should be able to protect the system from malicious attacks, severe natural disasters, and other threats of appropriate degree of harm from other national-level, hostilely-organized, and well-resourced threat sources under a consistent security policy The resulting resource hazards This document includes the following attachments:
Basic requirements for security level maintenance of information security technology information system.pdf
Including multiple files, please download and test by yourself!)




页: [1]
查看完整版本: 信息安全技术 信息系统安全等级保护基本要求