GB/T 35283-2017 English PDFUS$679.00 · In stock
Delivery: <= 6 days. True-PDF full-copy in English will be manually translated and delivered via email. GB/T 35283-2017: Information security techniques -- Specification for the structure of desktop core configuration baseline Status: Valid
Basic dataStandard ID: GB/T 35283-2017 (GB/T35283-2017)Description (Translated English): Information security techniques -- Specification for the structure of desktop core configuration baseline Sector / Industry: National Standard (Recommended) Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 34,398 Date of Issue: 2017-12-29 Date of Implementation: 2018-07-01 Regulation (derived from): National Standards Bulletin 2017 No. 32 Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China GB/T 35283-2017: Information security techniques -- Specification for the structure of desktop core configuration baseline---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security techniques - Specification for the structure of desktop core configuration baseline ICS 35.040 L80 National Standards of People's Republic of China Information Security Technology Computer Terminal Core Configuration Baseline Structure Specification 2017-12-29 Posted 2018-07-01 implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Preface Ⅰ Introduction Ⅱ 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 2 5 Core Configuration Baseline Essentials 2 6 XML-based core configuration baseline marking rules 3 6.1 Core Configuration Baseline Structure 3 6.2 The first layer of elements marked 4 6.3 The second layer of elements marked 4 6.4 The third level of elements marked 5 6.5 Level 4 Elemental Marking 9 6.6 Level 5 Elemental Marking 11 6.7 Level 6 Elemental Marking 12 6.8 Level 7 Elemental Marking 15 Appendix A (informative) core configuration baseline marker complete example 17 Appendix B (Informative) Core Configuration Baseline Application Example 21 B.1 "Minimum password length is 8-bit character length" Core Configuration Baseline XML Example 21 B.2 "Minimum password length is 8 characters long" Core Configuration Baseline XML Example Brief Description 23 Appendix C (Informative) Core Configuration Baseline Application Example 24 C.1 core configuration editor 24 C.2 Core Configuration Verification 27 C.3 Core Configuration Deployment 28 C.4 Core Configuration Monitoring 30 References 31 ForewordThis standard was drafted in accordance with the rules given in GB/T 1.1-2009. This standard by the National Information Security Standardization Technical Committee (SAC/TC260) and focal point. This standard was drafted unit. National Information Center, China Information Security Assessment Center, University of Chinese Academy of Sciences, Ministry of Public Security Bureau Information Bureau Heart, CAAC Information Center, Beijing Beixinyuan Software Co., Ltd., Huawei Technologies Co., Ltd., Hangzhou Yinggao Technology Co., Ltd. The main drafters of this standard. Li Xinyou, Liu Bei, Xu Tao, Cai Junxia, Wang Xiaotian, Cheng Hao, Fu Hongyan, Li Shoupeng, Zhang Tao, Zhang Yuqing, Yuan Yifang, Liu Yun, Sun Lihua, Hu Donghong, Lin Hao, Wang Dun, He Tao.IntroductionThe computer terminal operating system, office software, browser and other basic software for core configuration management, can effectively block the system security leak Hole, enhance security and controllability of the terminal, protect data security and user privacy, and improve the overall computer terminal of our government, enterprises and institutions Safety level. Government Terminal core configuration series of standards is based on China's information security (sub) level protection requirements, based on China's government terminal security Actual needs, and draw lessons from the relevant foreign research results. The series of standards GB/T 30278-2013 "information security technology government Computer Terminal Core Configuration Specification "has been promulgated and implemented, which provides the basic configuration of the government computer terminal core concepts and requirements, nuclear The heart of the configuration of automated methods to regulate the core configuration of the implementation process and provide the basis for this standard. This standard is studying Windows Based on the security configuration method, learn from other operating system security configuration method, the provisions of the computer core configuration baseline structure and layers Prime labeling rules, and gives examples of baseline application methods. The core configuration baseline is based on the requirements of each unit information system security protection Computer terminal core configuration policy set for automated core configuration deployment and compliance management for large-scale computer terminals. On the one hand, technicians can develop core configuration baseline generation and resolution tools with reference to this standard for automated deployment of core configuration baselines And monitoring and management. On the other hand, a technician can write a new baseline of safety configuration with reference to the baseline structure specified in this standard, thereby continuously expanding Exhibition computer terminal security configuration of the scope of application, improve the level of automation applications. Information Security Technology Computer Terminal Core Configuration Baseline Structure Specification1 ScopeThis standard specifies the basic elements of the computer terminal core configuration baseline, standardizing the XML-based core configuration baseline marking rules, And gives the core configuration example of the application of the baseline method. This standard applies to the computer terminal of the core configuration automation, including the computer terminal core configuration automation tool design, open Hair and application.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. Specification of XML - based electronic official document format - Part 1. General principles Information technology - Computerized terminal computer core configuration specifications3 Terms and definitionsGB/T 30278-2013 and GB/T 19667.1-2005 and the following terms and definitions apply to this document. 3.1 Core configuration item (configuration item) coreconfigurationitem Computer operating systems, office software, browsers, BIOS systems and anti-malicious code software and other basic software affect the computer security The key parameters of options. Note The core configuration item types include switch items, enumeration items, interval items, and compound items that can be assigned according to safety requirements. [GB/T 30278-2013, Definition 3.2] 3.2 Core configuration coreconfiguration Set the parameters of the core configuration items. Note. Enabling or enhancing security features to limit or prevent the existence of security breaches or vulnerabilities through core configuration enhances your computer against security risks Ability. [GB/T 30278-2013, Definition 3.3] 3.3 Core Configuration Baseline coreconfigurationbaseline A set of base values of one or more core configuration items that satisfy basic computer security requirements. 3.4 Core Configuration Baseline package coreconfigurationbaselinepackage A core configuration data file with a specific syntax format developed for the core configuration of baseline automated deployment. [GB/T 30278-2013, Definition 3.7] ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GB/T 35283-2017_English be delivered?Answer: Upon your order, we will start to translate GB/T 35283-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 6 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GB/T 35283-2017_English with my colleagues?Answer: Yes. The purchased PDF of GB/T 35283-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
