<> Network security notes
<> one , Basic knowledge
01, computer network ： Is to use communication lines to connect different geographical locations , Computers and communication devices with independent functions are connected together , A computer system for resource sharing and information transmission .
02, Common computer networks ：
* PAN：Personal Area Network, Personal area network
* LAN：Local Area Network, LAN
* MAN：Metropolitan Area Network, Metropolitan area network
* WAN：Wide Area Network, Wide area network
03, information system ： It can collect information , transmission , storage , machining , Computer application system used and maintained , Such as student management system .
04, information safety ： It refers to the protection of computer hardware in the information system , The software and data will not be damaged due to accidental or malicious reasons , change , leak , Ensure the continuous, reliable and normal operation of the system , Uninterrupted information service .
05, computer virus ： It refers to the information compiled or inserted into a computer program , Destroy computer functions or data , Affect computer use , A set of computer instructions or program code that can replicate itself . Computer viruses are parasitic , Concealment and infectivity .
06, Trojan horse ： Is a specific program used to illegally collect information or control another computer , There are usually two parts: client and server , The computer implanted with Trojan horse is the server-side part . Trojans are usually disguised as packages , Compressed file , picture , Video screen and other forms , Through web page , mail , Instant messaging and other channels induce users to download and install , If the user opens such Trojan horse program , The user's computer or intelligent terminal and other devices will be controlled by the person who implanted the Trojan horse , Causing data files to be stolen or modified , Hazards such as theft of electronic account funds .
07, intrusion ： It refers to the unauthorized access to the computer network or system , Usually malicious access to information , The act of processing information or destroying a system .
08, hacker ： Generally refers to familiarity IT technology , A person who is keen to invade networks or computer systems to steal data and information .
09, attack ： It refers to the use of loopholes and security defects in the network or computer system to destroy it , leakage , The act of altering or disabling .
10, loophole ： Refers to the hardware of the network or information system , Software , Weaknesses or defects in the specific implementation of the protocol or security strategy . The vulnerability may come from defects in the design of application software or operating system or errors in coding , It may also come from the design defects or unreasonable logical process processing of the business in the process of interactive processing .
11, back door ： A method of obtaining access to a program by bypassing its security , It is intended to stay in the computer system , A way for some special users to control a computer system in some special way .
12, The difference between a backdoor and a vulnerability is ： Vulnerability is an unintentional act , The back door is deliberately created by programmers in the process of software development .
13, firewall ： It is a method to isolate the intranet from the extranet , Access control technology to protect intranet from intrusion of illegal users . Firewall can be implemented by software , It can also be implemented in hardware .
14, patch ： Refers to a small program that fixes vulnerabilities for defects exposed in the use of the software system .
15, password ： A technique used to protect data or information （ Symbol system ）. The basic function of cryptosystem is to realize the confidentiality service of information .
16, encryption ： It changes the expression form of the original information data with a special algorithm , Will be normal （ Recognizable ） The process of transforming information into unrecognizable information . The purpose of encryption is to make unauthorized users unable to understand the content of the encrypted information even if they obtain it .
17, decrypt ： Is the inverse of encryption . Recover the encrypted information into recognizable information through some algorithm , Enable authorized users to understand the original information data .
18, digital signature ： It is generated by the sender of the information through the signature algorithm , A digital string used to prove the authenticity of the message sent by the message sender . Digital signature is generally realized by cryptographic technology , It has the same legal effect as ordinary physical signature .
19, digital watermarking ： It is a method of embedding identification information into digital carrier , Used to confirm the carrier owner , A technique for determining whether a carrier has been tampered with or transmitted secret information . The embedded identification information is also called digital watermark , Digital carrier includes multimedia , file , Software, etc , When the digital watermark is embedded into the digital carrier , It shall not affect the use value of the original carrier .
20, Safety is classified according to equal protection ：（ Each share 50%）
* technology ： Technology is divided into physics , network , host , application , Data security and backup recovery .
* Administration ： Safety management system , Safety management organization , Personnel safety management , System construction management , System operation and maintenance management .
21, Noun interpretation ：
* CISE： Registered information security engineer
* CISO： Registered information security manager
* CISA： Registered Information Security Auditor