| 题名 |
網路攻防技術-資訊安全滲透測試技術 |
| 并列篇名 |
Information Security Practice Model Course Development Project - Network Attack and Defense Technology |
| 作者 |
程凱(Kai Chain);鄭錦楸(Jiin-Chiou Cheng);郭文中(Wen-Chung Kuo) |
| 关键词 |
資安實務 ; 課程發展 ; 網路攻防 ; 滲透測試 ; Security practice ; curriculum development ; network attack and defense ; penetration testing |
| 期刊名称 |
資訊安全通訊 |
| 卷期/出版年月 |
24卷4期(2018 / 10 / 01) |
| 页次 |
73 - 82 |
| 内容语文 |
繁體中文 |
| 中文摘要 |
資安滲透測試是保護網路安全的技術工具和過程,本課程設計是經由介紹、說明及透過互動,實務操作在資安滲透測試過程中常用的工具與方法,藉以挖掘組織、網路及系統的安全弱點(脆弱處)與風險之行為,進而知道如何實際檢驗與證實受測對象網路安全之強度、現階段系統環境與安全狀態,同時幫助發掘系統中已知與未知的漏洞。本課程透過資訊安全相關技術議題,以挖掘網路與系統安全性及弱點測試與驗證為核心,規劃「網路攻防技術-資訊安全滲透測試技術」共22模組課程,可用以培養及訓練合格的滲透測試人員。 |
| 英文摘要 |
Information security penetration testing is a technical tool and process to protect network security. The designed course is a tool and method commonly used in the infiltration test process through introduction, description and interaction and practice; learn about the weaknesses (vulnerabilities) and risks of mining organizations, networks, and systems. In turn, we know how to actually check the strength of the network security of the object under test, the current system environment and security status. It also helps to discover known and unknown vulnerabilities in the system. This course is designed to focus on information security related technical issues, with a focus on mining network and system security and vulnerability testing and verification. Twenty-two module courses are planned to learn and train qualified penetration test personnel for the Demonstration Course: 「Network Attack and Defense Technology-Information Security Penetration Testing Technology」. |
| 主题分类 |
基礎與應用科學 >
資訊科學 |
| 参考文献 |
|
