Open Access
Subscription Access
網路攻防技術-資訊安全滲透測試技術
Abstract
資安滲透測試是保護網路安全的技術工具和過程,本課程設計是經由介紹、說明及透過互動,實務操作在資安滲透測試過程中常用的工具與方法,藉以挖掘組織、網路及系統的安全弱點(脆弱處)與風險之行為,進而知道如何實際檢驗與證實受測對象網路安全之強度、現階段系統環境與安全狀態,同時幫助發掘系統中已知與未知的漏洞。本課程透過資訊安全相關技術議題,以挖掘網路與系統安全性及弱點測試與驗證為核心,規劃「網路攻防技術-資訊安全滲透測試技術」共22模組課程,可用以培養及訓練合格的滲透測試人員。Information security penetration testing is a technical tool and process to protect network security. The designed course is a tool and method commonly used in the infiltration test process through introduction, description and interaction and practice; learn about the weaknesses (vulnerabilities) and risks of mining organizations, networks, and systems. In turn, we know how to actually check the strength of the network security of the object under test, the current system environment and security status. It also helps to discover known and unknown vulnerabilities in the system. This course is designed to focus on information security related technical issues, with a focus on mining network and system security and vulnerability testing and verification. Twenty-two module courses are planned to learn and train qualified penetration test personnel for the Demonstration Course: 「Network Attack and Defense Technology-Information Security Penetration Testing Technology」.
Keywords
資安實務; 課程發展; 網路攻防; 滲透測試; Security practice; curriculum development; network attack and defense; penetration testing
Citation Format:
Kai Chain, Jiin-Chiou Cheng, Wen-Chung Kuo, "網路攻防技術-資訊安全滲透測試技術," Communications of the CCISA, vol. 24, no. 4 , pp. 73-82, Oct. 2018.
Kai Chain, Jiin-Chiou Cheng, Wen-Chung Kuo, "網路攻防技術-資訊安全滲透測試技術," Communications of the CCISA, vol. 24, no. 4 , pp. 73-82, Oct. 2018.
Full Text:
PDFRefbacks
- There are currently no refbacks.
Published by Chinese Cryptology and Information Security Association (CCISA), Taiwan, R.O.C
CCCISA Editorial Office, No.1, Sec. 1, Shennong Rd., Yilan City, Yilan County 260, Taiwan (R.O.C.)
E-mail: ccisa.editor@gmail.com