1. What is net protection
In recent years, with the rapid development of the Internet, cyber attacks are no longer just a threat to the security of enterprise information assets. The national basic information facilities are also facing serious cyber attacks, and cyber security has gradually risen to the level of national security. "In order to prevent sheep from being stolen, we have to identify risks and strengthen the construction of sheepfold before sheep are stolen", and the action of protecting the net was gradually born under this background.
Development process of "network protection action"
Cyberspace is complex. With the rapid development of new technologies such as big data, cloud computing, artificial intelligence and blockchain, the international situation also presents complex changes. Under the dual impetus of the international situation and scientific and technological capabilities, various loopholes bring huge risks to the network security of enterprises and countries.
2. Precautions for "net protection action"
1) Network * * * is not just a contest of technology. During the * * * drill, the attacker sent "secret visitors" to try to enter the equipment room of the defender's network for destruction on the grounds of equipment network maintenance and upgrading. In view of this situation, how should we protect:
A: the network security confrontation drill is getting closer to the actual situation. We need to pay equal attention to data security and behavior security when dealing with network security. We need to improve our awareness of information security and guard against social engineering corruption;
2) A regional power company also organized network security education and training for its employees to improve their network security awareness when carrying out the "network protection action" drill. This shows that the "net protection action" is not only completed by technicians, but also by enterprise management:
A: pay equal attention to safety protection technology and management, and strengthen personnel safety management while improving defense technology;
3) The essence of network security lies in confrontation, and the essence of confrontation lies in the contest of capabilities at both ends of * * *. This sentence reflects:
A: network security talents are the first resource;
4) "Network protection action" aims to test the security protection ability of key information infrastructure of enterprises and institutions, improve the response ability of network security emergency response team, improve the emergency response process and working mechanism, and improve the comprehensive ability of emergency response to security incidents. This sentence explains:
A: network security is related to enterprise and national security, and we should attach great importance to it. Enhance information security awareness and contribute to network security;
5) In the actual office process, the enterprise shall strengthen information security management at least from the following aspects:
Answer:
01. Strengthen the safety management of external personnel and unknown personnel in the office;
02. Strictly implement the inspection of foreign personnel and goods, and prevent * * * from entering the enterprise office area to implement network * * *;
03. Employees are required to strictly manage the account and password of information equipment and information system, and beware of lending, loss and theft;
6) Phishing e-mail is a common means of cheating the recipient by using disguised e-mail to reply the account, password and other information to the designated recipient. How to protect phishing mail:
A: beware of phishing emails. For unknown emails, do not click the links in the email, do not download or open any document attachments of unknown emails, and do not forward any unknown emails;
7) Brute force cracking refers to using tools to constantly take passwords from * * *'s dictionary for login attempts. How should we protect against brute force cracking:
Answer:
01. Set high-strength password;
02. It is forbidden to use weak passwords and pseudo strong passwords (passwords that meet the complexity requirements but are easy to be guessed by * * *);
8. Once the account password is leaked, it may be used by * * * and cause varying degrees of losses to the enterprise. In the actual office process, in addition to setting high-strength passwords, we should also:
Answer:
01. Account and password cannot be lent out;
02. Change the password regularly;
03. Avoid applying one account to multiple systems;
9. File upload vulnerability refers to uploading malicious code on the client and executing it to control the server. For file upload vulnerability, developers should:
Answer:
01. The file upload directory is set as non executable;
02. Use white list to restrict file upload;
03. Use js to test the size and extension name of the file;
04. Use the random file name, which can be MD5 or time;
10) Arbitrary mobile number registration is also a common vulnerability in the "network protection action". One case is that the developer sends the verification code directly to the client through the data packet, and * * * can obtain the verification code by grabbing the response packet, forming an arbitrary mobile number registration vulnerability. In this case, developers should:
Answer:
01. The verification code cannot be returned to the client and cannot be verified through the front end;
Information security is everyone's responsibility
© The copyright belongs to the author: the original work from 51CTO blogger Zancun
