Đang chuẩn bị liên kết để tải về tài liệu:
CISSP: Certified Information Systems Security Professional Study Guide 2nd Edition phần 6

Không đóng trình duyệt đến khi xuất hiện nút TẢI XUỐNG Tải xuống

Không ai trong số trên 5. Kỹ thuật vi rút tiên tiến thay đổi các mã độc hại của virus trên mỗi hệ thống nó lây nhiễm? Đa hình Stealth A. B. C. Mã hóa D. Multipartitism 6. Một trong các tập tin sau đây có thể được sửa đổi hoặc tạo ra bởi một loại virus đồng hành? | Principles of Computer Design THE CISSP EXAM TOPICS COVERED IN THIS CHAPTER INCLUDE J Principles of Common Computer and Network Organizations Architectures and Designs In previous chapters of this book we ve taken a look at basic security principles and the protective mechanisms put in place to prevent violation of them. We ve also examined some of the spe- cific types of attacks used by malicious individuals seeking to circumvent those protective mechanisms. Until this point when discussing preventative measures we have focused on policy measures and the software that runs on a system. However security professionals must also pay careful attention to the system itself and ensure that their higher-level protective controls are not built upon a shaky foundation. After all the most secure firewall configuration in the world won t do a bit of good if the computer it runs on has a fundamental security flaw that allows malicious individuals to simply bypass the firewall completely. In this chapter we ll take a look at those underlying security concerns by conducting a brief survey of a field known as computer architecture the physical design of computers from various components. We ll examine each of the major physical components of a computing system hardware and firmware looking at each from a security perspective. Obviously the detailed analysis of a system s hardware components is not always a luxury available to you due to resource and time constraints. However all security professionals should have at least a basic understanding of these concepts in case they encounter a security incident that reaches down to the system design level. The federal government takes an active interest in the design and specification of the computer systems used to process classified national security information. Government security agencies have designed elaborate controls such as the TEMPEST program used to protect against unwanted electromagnetic emanations and the Orange Book .