
The five stages of organizing an actual attack and defense drill

2022-07-07 04:36:00 InfoQ

The organization of an actual attack and defense drill can generally be divided into five stages.

1) Organization planning stage. At this stage the final goal of the drill is made clear, all drill work is organized and planned, and a practical attack and defense drill plan that can actually be implemented is formed. The plan must be recognized by the leadership.

Whether an actual attack and defense drill succeeds depends heavily on organization and planning. This stage covers seven aspects: establishing the drill organization, determining drill objectives, formulating drill rules, formulating scoring rules, determining the drill process, building the drill platform, and putting emergency safeguard measures in place. Only with reasonable planning and careful arrangement in these seven aspects can this stage guide the follow-up drill work.

2) Preliminary preparation stage. On the basis of the determined implementation plan, prepare resources and personnel, and put people and property in place.
To ensure that the drill proceeds smoothly and efficiently, two kinds of preparation must be made in advance. The first is resource preparation, which involves the drill site, the drill platform, dedicated computers for drill personnel, video surveillance, drill records, drill authorization, confidentiality agreements and rule making. The second is personnel preparation, which includes selecting and reviewing the attack team and the defense team, forming the teams, and so on.

3) Actual attack and defense drill stage. This stage is the core of the whole drill. The organizer coordinates the attack and defense sides and the other participating units to complete the drill, including drill start, the drill process, drill support, and so on.
During the drill, the organizer coordinates the attack team and the defense team to carry out the drill according to the planned content. The main work in this process is drill monitoring, drill analysis and judgment, emergency handling, and so on.

4) Emergency drill stage. For emergencies during the drill, the organizer coordinates the attack and defense parties to complete the emergency response work, resume business in time, and test the emergency response capability and mechanism of the defense team.
During the drill, when a business system of a participating unit is compromised, the attack team and the participating unit are organized to handle the incident. The purpose is to conduct an emergency drill: quickly resume business, test the emergency response mechanism and process of the participating unit, use the real exercise environment to make the exercise practical, and improve the unit's emergency response capability and mechanism. This covers five stages: detection, containment, eradication, recovery and summary.

5) Drill summary stage. After the drill, the related wrap-up work must be done well, such as collecting reports, removing backdoors, withdrawing accounts and permissions, recovering equipment, reclaiming network access and cleaning up drill data, to ensure the normal operation of subsequent business.
The drill summary mainly consists of the participating units preparing summary reports, judges and experts summarizing the drill results, all drill units holding a summary meeting, and drill videos being edited and publicity work carried out. The whole drill is summarized comprehensively, the problems found are actively rectified, and follow-up publicity is carried out to reflect the practical value of the drill. This includes achievement confirmation, data statistics, the summary meeting, video editing and publicity, and rectification suggestions.

In some cases a sixth stage may be added to the drill: the sand table deduction stage. Sand table deduction is a supplement to the actual exercise. By simulating systems on which an actual drill cannot be carried out, it assesses the actual impact that real cyber attacks may have on government and enterprise institutions and on public security.

After the actual attack and defense drill, the drill organizer brings together professional technicians and experts to summarize and analyze all attack data, carry out a full and comprehensive review, draw lessons learned, and give reasonable rectification suggestions for the deficiencies found. A targeted and detailed process analysis report is prepared for the defense team and distributed to the defending units, which are urged to rectify and to report the rectification results. Going forward, the defense team should continuously optimize the way it carries out protection work, improve security protection measures step by step, optimize security policy, strengthen the technical capability of its personnel, and raise the overall level of network security protection.

Copyright notice
This article was created by [InfoQ]. Please include the original link when reposting. Thank you.
https://yzsam.com/2022/188/202207062209203027.html
