XXX企业网络安全综合设计方案四川川大能士信息安全有限公司2002年3月目录1XXX企业网络分析........................................................................................................................42网络威胁、风险分析.....................................................................................................................52.1内部窃密和破坏...................................................................................................................52.2搭线(网络)窃听..............................................................................................................52.3假冒......................................................................................................................................52.4完整性破坏..........................................................................................................................52.5其它网络的攻击..................................................................................................................52.6管理及操作人员缺乏安全知识..........................................................................................62.7雷击......................................................................................................................................63安全系统建设原则.........................................................................................................................74网络安全总体设计.........................................................................................................................94.1安全设计总体考虑..............................................................................................................94.2网络安全............................................................................................................................104.2.1网络传输.................................................................................................................104.2.2访问控制.................................................................................................................124.2.3入侵检测.................................................................................................................134.2.4漏洞扫描.................................................................................................................144.2.5其它.........................................................................................................................144.3应用系统安全....................................................................................................................144.3.1系统平台安全.........................................................................................................144.3.2应用平台安全.........................................................................................................144.3.3病毒防护.................................................................................................................154.3.4数据备份.................................................................................................................174.3.5安全审计.................................................................................................................174.3.6认证、鉴别、数字签名、抗抵赖.....................................................................
