Xin'an Second Edition: Chapter 12 network security audit technology principle and application learning notes

One 、 The outline of this chapter requires

12、 Principles and application of network audit technology

12.1 Overview of network security audit

• Network security audit concept • Purpose of network security audit

12.2 Composition and type of network security audit system

• Composition of network security audit system

• Operation mechanism of network security audit system

• Network security audit system type （ Network communication security audit 、 Operating system security audit 、 Database security audit 、 Application system security audit 、 Operation and maintenance safety audit )

12.3 Network security audit mechanism and implementation technology

• Network security audit data collection

• Network traffic data acquisition technology （ Switch port mirroring 、 Network sniffing ） System log data collection technology （Syslog、FTP、SNMP etc. ) Open source tools for network traffic data collection Tepdump Use

• Network audit data analysis technology （ string matching 、 Full text search 、 Data Association 、 Statistical report 、 Visual analysis, etc ）

• Network audit data protection technology （ Decentralized management of system users 、 Mandatory access to audit data 、 Audit data encryption 、 Audit data privacy protection 、 Audit data integrity protection 、 Audit data backup ）

12.4 Main technical indicators and products of network security audit

• Main technical indicators of network security audit （ Understanding of functional technical indicators 、 Understanding of performance and technical indicators 、 Understanding of safety technical indicators ）

• Analysis of working mechanism of network security audit products 、 Understanding of network security audit product standards 、 Applicable scenarios of network security audit products

12.5 Network security audit application

• Network compliance use

• Network electronic forensics

• Network security operation and maintenance guarantee

Two 、 List of important and easy knowledge points in this chapter

12.1 Overview of network security audit

Network security audit refers to the acquisition of information about security related activities of network information systems 、 Record 、 Storage 、 Analysis and utilization of work .</