阿里云平台安全管理规范目录目录...................................................................................................................................................................................1范围.....................................................................................................................................................................................4第一章ﻩ总则51.1管理目标ﻩ51.2管理原则.................................................................................................................................................................5第二章安全管理规范ﻩ62.1安全事件上报ﻩ62.1.1安全事件分类ﻩ62.1.2安全事件监控及上报ﻩ72.2帐号口令管理......................................................................................................................................................82.3安全域划分及端口管理..........................................................................................................................102.4防病毒制度ﻩ112.5ﻩ日志审计ﻩ212.5.1日志审计总则ﻩ122.5.2ﻩ日志管理ﻩ13第三章应急保障..............................................................................................................................................................133.1应急保障范围.....................................................................................................................................................133.2应急保障流程ﻩ143.3应急保障措施....................................................................................................................................................14第四章日常安全运维制度..........................................................................................................................................154.1资产信息维护ﻩ154.1.1安全设备资产ﻩ154.1.2业务设备资产.........................................................................................................................................154.1.3网络设备资产.....................................................................................................................................164.2安全设备维护.................................................................................................................................................164.2.1远程安全巡检ﻩ164.2.2机房安全巡检...............................................................................................................................................164.2.3设备故障处理ﻩ173.2.4设备权限检查ﻩ714.3安全策略运维.....................................................................................................................................................174.3.1安全策略信息维护ﻩ714.3.2安全策略开通ﻩ174.3.3安全漏洞扫描.......................................................................................................................................184.3.4安全策略清理ﻩ1814.3.5网络和端口梳理.......................................................................................................................................184.3.6日志审计....................................................................................................................................................194.4安全报告输出ﻩ194.4.1安全方案输出....................................................
