版本说明:本中英文对照版仅用于学习,任何组织、个人不得以任何形式和理由收取费用,
如发现收费行为发布请在原链接下载:知识星球 -老烦的草根安全观
ISO/IEC JTC1 SC27
信息技术 网络安全与隐私 保护 信息安全控制
ISO/IEC 27002 20 22
翻译 樊山
2022 -3-3
目录
前言 ................................ ................................ ................................ ................................ .............................. 14
0 介绍 ................................ ................................ ................................ ................................ .......................... 16
0.1 Background and context 背景和环境 ................................ ................................ .................. 16
0.2 Information security requirements 信息安全需求 ................................ ............................ 17
0.3 Controls 控制 ................................ ................................ ................................ ............................. 18
0.4 Determining controls 确定控制 ................................ ................................ ............................ 18
0.5 Developing your own guidelines 开发自己的指南 ................................ .......................... 19
0.6 Lifecycle considerations 生命周期注意事项 ................................ ................................ ...... 20
0.7 Related standards 相关标准 ................................ ................................ ................................ .. 20
1 范围 ................................ ................................ ................................ ................................ .......................... 21
2 规范性引用 ................................ ................................ ................................ ................................ ............. 21
3 术语,定义和缩写词 ................................ ................................ ................................ ........................... 22
3.1 术语和定义 ................................ ................................ ................................ ................................ . 22
3.1.1 Access control 访问控制 ................................ ................................ ............................. 22
3.1.2 Asset 资产 ................................ ................................ ................................ ....................... 23
3.1.3 Attack 攻击 ................................ ................................ ................................ ..................... 23
3.1.4 Authentication 认证 ................................ ................................ ................................ ..... 24
3.1.5 Authenticity 真实性 ................................ ................................ ................................ ...... 24
3.1.6 Chain of custody 监管链 ................................ ................................ ............................. 24
3.1.7 Confidential information 机密信息 ................................ ................................ .......... 24
3.1.8 Control 控制 ................................ ................................ ................................ ................. 25
3.1.9 Disruption 破坏 ................................ ................................ ................................ ........... 25
3.1.10 Endpoint device 终端设备 ................................ ................................ ..................... 25
3.1.11 Entity 实体 ................................ ................................ ................................ ................. 26
3.1.12 Information processing facility 信息处理设施 ................................ ......... 26
3.1.13 Information security breach 信息安全漏洞 ................................ ......................... 26
3.1.14 Information security event 信息安全事件 ................................ ............................ 27
3.1.15 Information security incident 信息安全事故 ................................ ....................... 27
3.1.16 Infor mation security incident management 信息安全事件管理 .................... 27
3.1.17 Information system
ISO27002-2022 信息技术 网络安全与隐私保护 信息安全控制
安全标准 >
ISO >
文档预览
中文文档
326 页
50 下载
1000 浏览
0 评论
0 收藏
3.0分
温馨提示:本文档共326页,可预览 3 页,如浏览全部内容或当前文档出现乱码,可开通会员下载原始文档
本文档由 思安 于 2022-11-26 11:58:38上传分享
ISO27002-2022 信息技术 网络安全与隐私保护 信息安全控制
