5. 控制措施
5
NIST SP 800-53 Security and Privacy Controls for
Federal Information Systems and Organizations
NIST SP 800-53A Federal Information Systems and Organizations:
Building Effective Assessment Plans
技術面
15. 網路安全監控架構
A T T A C K C O N T I N U U M
BEFORE DURING AFTER
See it,
Control it
Intelligent &
Context Aware
Retrospective
Security
Network | Endpoint | Mobile | Virtual
Point-in-Time Continuous
15
參考來源: SourceFire
偵察 掃描 傳送 植入 控制 破壞
沒有完美的防禦機制
駭客攻擊階段