beijingICS中华人民共和国国家标准GB/T××××—××××信息安全技术信息系统安全审计产品技术要求和测试评价方法Technicalrequirementsandtestingandevaluationtechniquesforinformationsystemsecurityauditproducts(征求意见稿)××××-××-××发布××××-××-××实施国家质量监督检验检疫总局发布GB目次前言...............................................................................II引言..............................................................................III1范围..................................................................................12规范性引用文件........................................................................13术语和定义及记法......................................................................13.1术语和定义..........................................................................13.2记法................................................................................24安全审计产品分级......................................................................24.1基本型..............................................................................24.2增强型..............................................................................25功能要求..............................................................................25.1安全功能要求........................................................................25.2自身安全要求........................................................................76性能要求..............................................................................76.1稳定性..............................................................................86.2资源占用............................................................................86.3网络影响............................................................................86.4吞吐量..............................................................................87保证要求..............................................................................87.1配置管理保证........................................................................87.2交付与运行保证......................................................................87.3指导性文档..........................................................................87.4测试保证............................................................................87.5脆弱性分析保证......................................................................97.6生命周期支持........................................................................98测评方法..............................................................................98.1产品功能............................................................................98.2自身安全...........................................................................198.3产品性能...........................................................................208.4保证要求...........................................................................20附录A..............................................................................24A.1安全审计流程.......................................................................24A.2审计跟踪涵盖的阶段.................................................................24A.2.1事件采集阶段.....................................................................24A.2.2事件处理阶段......................................
