CISSP Exam Guide Notes: 1.1 Security Goals – Author: buckxu

For the original, see the link on my WeChat official account: CISSP Exam Guide Notes: 1.1 Security Goals

We need to understand the core goals of security, which are to provide availability, integrity, and confidentiality (the AIC triad) protection for critical assets.

Availability protection ensures reliable and timely access to data and resources for authorized individuals.

Integrity is upheld when the accuracy and reliability of information and systems are assured and any unauthorized modification is prevented.

Confidentiality ensures that the necessary level of secrecy is enforced at each junction of data processing and prevents unauthorized disclosure.

Availability: Redundant array of independent disks (RAID), Clustering, Load balancing, Redundant data and power lines, Software and data backups, Disk shadowing, Co-location and offsite facilities, Rollback functions, Failover configurations

Integrity: Hashing (data integrity), Configuration management (system integrity), Change control (process integrity), Access control (physical and technical), Software digital signing, Transmission cyclic redundancy check (CRC) functions

Confidentiality: Encryption for data at rest (whole disk, database encryption), Encryption for data in transit (IPSec, TLS, PPTP, SSH), Access control (physical and technical)

Source: freebuf.com 2020-12-12 21:17:08 by: buckxu
