GBZ24294.4-2017 English PDFUS$239.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email. GBZ24294.4-2017: Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security Status: Valid
Basic dataStandard ID: GB/Z 24294.4-2017 (GB/Z24294.4-2017)Description (Translated English): Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security Sector / Industry: National Standard Classification of Chinese Standard: L80 Classification of International Standard: 35.040 Word Count Estimation: 12,155 Date of Issue: 2017-05-12 Date of Implementation: 2017-12-01 Older Standard (superseded by this standard): GB/Z 24294-2009 Quoted Standard: GB/T 30278-2013 Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China Summary: This standard applies to organizations that do not have e-government network or no leased communication network. They are based on the Internet to carry out e-government information security construction that does not involve state secrets and provide information for managers, engineering technicians and information security products providers Safe construction to provide management and technical reference. Involving national secrets, or stored, processed, transmitted information may be involved in state secrets, in accordance with national secrecy provisions and standards. GBZ24294.4-2017: Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order. Information security technology. Guide to implementation for Internet-based e-government information security. Part 4. Defense for terminal security ICS 35.040 L80 People's Republic of China national standardization of technical guidance documents Partially replace GB /Z 24294-2009 Information Security Technology Internet-based e-government information security implementation guidelines Part 4. Terminal Security e-governmentinformationsecurity-Part 4.Defenseforterminalsecurity 2017-05-12 Posted 2017-12-01 Implementation General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China China National Standardization Administration released Directory Foreword Ⅲ Introduction IV 1 Scope 1 2 Normative references 1 3 Terms and definitions 1 4 Abbreviations 1 5 Terminal Security Features and Implementation Principles 1 5.1 Security vulnerabilities 1 5.2 Safety Function 2 5.3 Implementation principles 2 6 terminal security application mode 2 6.1 Terminal Basic Security Application Mode 2 6.2 Terminal enhanced security application mode 3 6.3 mobile terminal security application mode 3 7 terminal basic security requirements 3 7.1 system service configuration 3 7.2 Account Policy Configuration 3 7.3 Log and Audit Policy Configuration 3 7.4 browser security configuration 4 7.5 malicious code to prevent 4 7.6 Personal Firewall 4 7.7 System Vulnerability Patch Upgrade 4 8 terminal enhance security requirements 4 8.1 Safety Test 4 8.2 program operation authorization 5 8.3 Secure E-mail 5 8.4 Safety briefcase 5 8.5 Security Audit 5 9 mobile terminal security requirements 6 9.1 Portable Terminal Security 6 9.2 Handheld Terminal Security 7 References 8 ForewordGB /Z 24294 "Information Security Technology Internet-based e-government information security implementation guidelines" is divided into four parts. --- Part 1. General principles; --- Part 2. Access control and security exchange; --- Part 3. Identity and authorization management; --- Part 4. Terminal Security. This section GB /Z 24294 Part 4. This section drafted in accordance with GB/T 1.1-2009 given rules. Part of this section instead of GB /Z 24294-2009 "Information Security Technology Internet-based e-government information security implementation guidelines." Compared with GB /Z 24294-2009, the main technical changes are as follows. --- Added vulnerabilities and major threats to Internet-based e-government terminals; --- Supplement clearly defined based on the Internet e-government terminal security features and implementation principles; --- Complement the division based on Internet e-government terminal security protection of the main application mode; --- Supplementary specification based on the Internet e-government terminal in three application modes of security requirements. This part of the National Information Security Standardization Technical Committee (SAC/TC260) and focal point. This part of the drafting unit. People's Liberation Army Information Engineering University, China Electronics Standardization Institute, Beijing Tian Rong Xin Technology Co., Ltd. Zheng Dazhou Great Information Technology Co., Ltd. The main drafters of this section. Chen Xingyuan, Du Xuehui, Sun Yi, Xia Chuntao, Cao Li-feng, Zhang Dongwei, Ren Zhiyu, Luo Feng surplus, Shangguan Xiao Li, Dong Guohua. This part replaces the standards previously issued as. --- GB /Z 24294-2009.IntroductionThe Internet has become an important information infrastructure, making active use of the Internet for the construction of e-government in our country, which can not only improve efficiency and expand Service coverage, but also save resources and reduce costs. The use of open Internet to carry out e-government construction, computer terminals in the e-government To undertake and participate in the government information processing, storage and transmission and other important work, facing malicious code, cyber attacks, information leakage and Identity fraud and other security threats and risks. In order to promote the Internet in our e-government applications, guidance based on the Internet e-government terminal Security work, specially formulated in this section. This section is mainly applicable to organizations that do not have e-government extranet lines or do not have leased communications network special line conditions, to carry out non-involved State secrets e-government construction, when the construction needs, according to security strategy and e-government network security docking. Information Security Technology Internet-based e-government information security implementation guidelines Part 4. Terminal Security1 ScopeThis part of GB /Z 24294 in accordance with the terminal security strategy, a clear Internet-based e-government terminal security technology Claim. This section applies to no e-government outside the green line or not leased communication network dedicated line organization, based on the Internet Do not involve the state secrets of e-government information security construction, for managers, engineers and technicians, information security products provider information Safety Management provides a management and technical reference. Where state secrets are involved or state secrets may be involved after the gathering of information stored, processed and transmitted, In accordance with national security regulations and standards.2 Normative referencesThe following documents for the application of this document is essential. For dated references, only the dated version applies to this article Pieces. For undated references, the latest edition (including all amendments) applies to this document. Information technology - Computerized terminal computer core configuration specifications3 Terms and definitionsThe following terms and definitions apply to this document. 3.1 Safe government terminal terminalforsecuregovernmentaffairs Meet the government office security protection technology requirements, to carry out government office and business applications of computer terminals and handheld terminals.4 AbbreviationsThe following abbreviations apply to this document. FTP File Transfer Protocol (FileTransferProtocol) IIS Internet Information Services (InternetInformationServices) IP Internet Protocol (InternetProtocol) WWW WorldWideWeb5 Terminal Security Features and Implementation Principles5.1 Safety Vulnerability As a basic unit of work based on the Internet e-government system, the computer terminal undertakes and participates in the processing, processing and storage of government information Storage and transmission and other important work, the main security threats and vulnerabilities include. ......Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GBZ24294.4-2017_English be delivered?Answer: Upon your order, we will start to translate GBZ24294.4-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time.Question 2: Can I share the purchased PDF of GBZ24294.4-2017_English with my colleagues?Answer: Yes. The purchased PDF of GBZ24294.4-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay. |
