How to organize an actual attack and defense drill
2022-07-05 21:43:00 【InfoQ】
1. Organizational elements of the actual attack and defense drill
- Organizational unit: Responsible for overall control, resource coordination, drill preparation, drill organization, the drill summary, implementation of rectification and other work.
- Technical support unit: A professional security company, responsible for providing the corresponding technical support and assurance, and for setting up the attack and defense exercise environment and the visual display of the exercise.
- Attack team: Generally established independently by multiple security vendors, with each attack team generally consisting of 3~5 people. With authorization, they carry out penetration attacks mainly through asset discovery, tool scanning and manual penetration, in order to obtain the permissions and data of the drill target systems.
- Defending team: Made up of personnel from the participating units, security vendors and so on. It is mainly responsible for protecting the assets under the defending team's jurisdiction and tries to prevent the blue team from obtaining permissions and data.
2. Organizational forms of the actual attack and defense drill
- Drills organized by the state, industry authorities and regulators. Such drills are generally organized by public security organs at all levels, cyberspace administration departments at all levels, and national or industry competent departments or regulatory agencies in sectors such as government, finance, transportation, health, education, electric power and telecom operators. They target the critical information infrastructure and important systems of the industry, and bring together attack teams and the enterprises and institutions in the industry to conduct actual network attack and defense drills.
- Drills organized by large enterprises and institutions. Financial enterprises, operators, administrative organs, public institutions and other government and enterprise units organize attack teams and their own enterprises and institutions to conduct actual attack and defense drills, in order to verify the effectiveness of their business security defense systems.
3. Key points in organizing the actual attack and defense drill
- Scope of drill: Give priority to key (non-classified) business systems and networks.
- Drill cycle: Based on actual business conditions, 1~2 weeks is generally recommended.
- Drill site: Select a site according to the scale of the drill. It should be able to accommodate the organizational unit, the attack team and the defending team, and the three areas should be separated from one another.
- Drill equipment: Build an attack and defense drill platform and a video monitoring system, distribute dedicated computers to the attackers (or provide virtual attack terminals), etc.
- Attack team formation: Select the participating units' own personnel or hire professionals from a third-party security service provider.
- Defense team formation: Mainly the participating units' own security technicians, assisted by professionals from third-party security service providers.
- Exercise rule making: Clearly formulate the attack rules, defense rules and scoring rules before the drill, so that the attack and defense process is well-founded and the attack process does not cause unnecessary impact on business operation.
4. Risk avoidance measures for actual attack and defense drills
- The drill limits the attack target systems, but does not limit the attack path
- Unless authorized, denial of service attacks are not allowed in the drill
- Notes on the web page tampering attack method
- Attack methods prohibited in the drill
- Requirements for Trojans used by the attackers
- Blocking and notification of illegal attacks