|
US$419.00 · In stock
Delivery: <= 4 days. True-PDF full-copy in English will be manually translated and delivered via email.
GA/T 1717.1-2020: Information security technology - Notification and warning of cyber security incidents - Part 1: Terminology
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GA/T 1717.1-2020 | English | 419 |
Add to Cart
|
4 days [Need to translate]
|
Information security technology - Notification and warning of cyber security incidents - Part 1: Terminology
| Valid |
GA/T 1717.1-2020
|
PDF similar to GA/T 1717.1-2020
Basic data | Standard ID | GA/T 1717.1-2020 (GA/T1717.1-2020) | | Description (Translated English) | Information security technology - Notification and warning of cyber security incidents - Part 1: Terminology | | Sector / Industry | Public Security (Police) Industry Standard (Recommended) | | Classification of Chinese Standard | A90 | | Classification of International Standard | 35.240 | | Word Count Estimation | 18,185 | | Date of Issue | 2020-03-24 | | Date of Implementation | 2020-08-01 | | Issuing agency(ies) | Ministry of Public Security | GA/T 1717.1-2020: Information security technology - Notification and warning of cyber security incidents - Part 1: Terminology
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
(Information Security Technology Network Security Incident Notification and Early Warning-- - Part 1.Terminology)
ICS 35.240
A90
People's Republic of China Public Safety Industry Standard
Information security technology, network security incident notification and early warning
Part 1.Terminology
2020-03-24 release
2020-08-01 Implementation
Issued by the Ministry of Public Security of the People's Republic of China
Table of contents
Preface Ⅲ
Introduction Ⅳ
1 Scope 1
2 General concept 1
3 Technology 1
4 Business 6
Chinese Pinyin Index 8
English Correspondence Index 10
Reference 13
Foreword
GA/T 1717 "Information Security Technology Cybersecurity Incident Notification and Early Warning" is divided into three parts.
---Part 1.Terminology;
---Part 2.Notification and early warning process specifications;
---Part 3.Data classification coding and labeling system technical specifications.
This part is part 1 of GA/T 1717.
This section was drafted in accordance with the rules given in GB/T 1.1-2009.
This part was proposed by the Cyber Security Bureau of the Ministry of Public Security.
This part is under the jurisdiction of the Information System Security Standardization Technical Committee of the Ministry of Public Security.
Drafting organizations of this section. Cyber Security Bureau of Ministry of Public Security, Third Research Institute of Ministry of Public Security, Institute of Software, Chinese Academy of Sciences, Taiji Computer
Co., Ltd., Venus Star Information Technology Group Co., Ltd., Qi Anxin Technology Group Co., Ltd., State Grid Net Security (Beijing)
Technology Co., Ltd.
The main drafters of this section. Du Jiaying, Huang Xiaosu, Zhang Xiudong, Wu Chenmiao, Ren Bin, Chen Changsong, Gao Qi, Zhang Chao, Hou Maoqiang, Ma Min, Li Shu,
Yin Qian and Li Zhiqi.
Introduction
At present, the network security situation is becoming increasingly severe, security threats are becoming more diversified, vulnerabilities are frequently occurring, and the impact of security incidents is becoming more and more profound.
Seriously endanger national security, public safety and people's interests.
Network security incident notification and early warning is an important part of the national network security guarantee system and an important work content required by national laws and regulations.
In order to further clarify the standardized description language system, work process specification, classification coding method and marking of network security incident notification and early warning
Labeling system to standardize the notification and early warning of cybersecurity incidents, effectively maintain the security of the country’s critical information infrastructure, and protect the interests of the people,
For public safety and national security, GA/T 1717 is specially formulated.
GA/T 1717 is divided into three parts, which can carry out network security monitoring and analysis, notification and early warning, and emergency response for network security functional departments
Provide basis and reference. Part 1 clarifies the key terms and meanings needed in the notification and early warning work of cybersecurity incidents, and unified standards
The interactive language of all parties in the notification and early warning work; Part 2 regulates the grading method, notification process and early warning process of cybersecurity incidents.
Effectively improve the efficiency of notification and early warning; Part 3 regulates the classification method and coding method of relevant data in the notification and early warning of cyber security incidents.
The law and labeling system can provide support for the mechanized, intelligent and digital development of network security notification and early warning.
Information security technology, network security incident notification and early warning
Part 1.Terminology
1 Scope
This part of GA/T 1717 specifies the terms and definitions involved in the notification and early warning of cybersecurity incidents.
This part is applicable to network security incident monitoring and analysis, notification and early warning, investigation and disposal, and related management and technical research work.
And express related concepts.
2 General concepts
2.1
attacker
Intentionally exploiting the vulnerabilities of technical and non-technical security control measures to steal or damage information systems and networks, or damage information
Anyone with the availability of system and network resources to legitimate users.
2.2
attack
Attempt to destroy, leak, tamper with, damage, steal, unauthorized access or unauthorized use of assets.
[GB/T 29246-2017, definition 2.3]
2.3
Invade
Unauthorized access to the network or networked system, that is, intentional or unintentional unauthorized access to information systems, including information systems
Malicious activities or unauthorized use of resources in the information system.
2.4
Cybersecurity incident
Causes harm to the network or information system or to society due to natural or man-made defects or failures of the software and hardware itself
Negatively impacted events.
[GB/T 32924-2016, definition 3.4]
Note. Refer to GB/T 20986-2007, network security incidents include harmful program incidents, network attack incidents, information destruction incidents, information content security incidents,
Equipment failures, catastrophic events and other events.
3 Technology
3.1
Harmful program
Malicious program
A program specifically designed to damage or destroy the system, to attack confidentiality, integrity or availability.
Note. Harmful programs include viruses, Trojan horses, backdoors, worms, etc.
3.2
virus
Insert a set of computer instructions in a computer program that destroys computer functions or data, affects the use of the computer and can copy itself
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GA/T 1717.1-2020_English be delivered?Answer: Upon your order, we will start to translate GA/T 1717.1-2020_English as soon as possible, and keep you informed of the progress. The lead time is typically 2 ~ 4 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GA/T 1717.1-2020_English with my colleagues?Answer: Yes. The purchased PDF of GA/T 1717.1-2020_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|