|
US$239.00 · In stock
Delivery: <= 3 days. True-PDF full-copy in English will be manually translated and delivered via email.
GBZ24294.4-2017: Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security
Status: Valid
| Standard ID | Contents [version] | USD | STEP2 | [PDF] delivered in | Standard Title (Description) | Status | PDF |
| GB/Z 24294.4-2017 | English | 239 |
Add to Cart
|
3 days [Need to translate]
|
Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security
| Valid |
GB/Z 24294.4-2017
|
PDF similar to GBZ24294.4-2017
Basic data | Standard ID | GB/Z 24294.4-2017 (GB/Z24294.4-2017) | | Description (Translated English) | Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security | | Sector / Industry | National Standard | | Classification of Chinese Standard | L80 | | Classification of International Standard | 35.040 | | Word Count Estimation | 12,155 | | Date of Issue | 2017-05-12 | | Date of Implementation | 2017-12-01 | | Older Standard (superseded by this standard) | GB/Z 24294-2009 | | Quoted Standard | GB/T 30278-2013 | | Issuing agency(ies) | General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China | | Summary | This standard applies to organizations that do not have e-government network or no leased communication network. They are based on the Internet to carry out e-government information security construction that does not involve state secrets and provide information for managers, engineering technicians and information security products providers Safe construction to provide management and technical reference. Involving national secrets, or stored, processed, transmitted information may be involved in state secrets, in accordance with national secrecy provisions and standards. | GBZ24294.4-2017: Information security technology -- Guide of implementation for Internet-based e-government information security -- Part 4: Defence for terminal security
---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Guide to implementation for Internet-based e-government information security. Part 4. Defense for terminal security
ICS 35.040
L80
People's Republic of China national standardization of technical guidance documents
Partially replace GB /Z 24294-2009
Information Security Technology
Internet-based e-government information security implementation guidelines
Part 4. Terminal Security
e-governmentinformationsecurity-Part 4.Defenseforterminalsecurity
2017-05-12 Posted
2017-12-01 Implementation
General Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China
China National Standardization Administration released
Directory
Foreword Ⅲ
Introduction IV
1 Scope 1
2 Normative references 1
3 Terms and definitions 1
4 Abbreviations 1
5 Terminal Security Features and Implementation Principles 1
5.1 Security vulnerabilities 1
5.2 Safety Function 2
5.3 Implementation principles 2
6 terminal security application mode 2
6.1 Terminal Basic Security Application Mode 2
6.2 Terminal enhanced security application mode 3
6.3 mobile terminal security application mode 3
7 terminal basic security requirements 3
7.1 system service configuration 3
7.2 Account Policy Configuration 3
7.3 Log and Audit Policy Configuration 3
7.4 browser security configuration 4
7.5 malicious code to prevent 4
7.6 Personal Firewall 4
7.7 System Vulnerability Patch Upgrade 4
8 terminal enhance security requirements 4
8.1 Safety Test 4
8.2 program operation authorization 5
8.3 Secure E-mail 5
8.4 Safety briefcase 5
8.5 Security Audit 5
9 mobile terminal security requirements 6
9.1 Portable Terminal Security 6
9.2 Handheld Terminal Security 7
References 8
Foreword
GB /Z 24294 "Information Security Technology Internet-based e-government information security implementation guidelines" is divided into four parts.
--- Part 1. General principles;
--- Part 2. Access control and security exchange;
--- Part 3. Identity and authorization management;
--- Part 4. Terminal Security.
This section GB /Z 24294 Part 4.
This section drafted in accordance with GB/T 1.1-2009 given rules.
Part of this section instead of GB /Z 24294-2009 "Information Security Technology Internet-based e-government information security implementation guidelines."
Compared with GB /Z 24294-2009, the main technical changes are as follows.
--- Added vulnerabilities and major threats to Internet-based e-government terminals;
--- Supplement clearly defined based on the Internet e-government terminal security features and implementation principles;
--- Complement the division based on Internet e-government terminal security protection of the main application mode;
--- Supplementary specification based on the Internet e-government terminal in three application modes of security requirements.
This part of the National Information Security Standardization Technical Committee (SAC/TC260) and focal point.
This part of the drafting unit. People's Liberation Army Information Engineering University, China Electronics Standardization Institute, Beijing Tian Rong Xin Technology Co., Ltd. Zheng
Dazhou Great Information Technology Co., Ltd.
The main drafters of this section. Chen Xingyuan, Du Xuehui, Sun Yi, Xia Chuntao, Cao Li-feng, Zhang Dongwei, Ren Zhiyu, Luo Feng surplus, Shangguan Xiao Li,
Dong Guohua.
This part replaces the standards previously issued as.
--- GB /Z 24294-2009.
Introduction
The Internet has become an important information infrastructure, making active use of the Internet for the construction of e-government in our country, which can not only improve efficiency and expand
Service coverage, but also save resources and reduce costs. The use of open Internet to carry out e-government construction, computer terminals in the e-government
To undertake and participate in the government information processing, storage and transmission and other important work, facing malicious code, cyber attacks, information leakage and
Identity fraud and other security threats and risks. In order to promote the Internet in our e-government applications, guidance based on the Internet e-government terminal
Security work, specially formulated in this section.
This section is mainly applicable to organizations that do not have e-government extranet lines or do not have leased communications network special line conditions, to carry out non-involved
State secrets e-government construction, when the construction needs, according to security strategy and e-government network security docking.
Information Security Technology
Internet-based e-government information security implementation guidelines
Part 4. Terminal Security
1 Scope
This part of GB /Z 24294 in accordance with the terminal security strategy, a clear Internet-based e-government terminal security technology
Claim.
This section applies to no e-government outside the green line or not leased communication network dedicated line organization, based on the Internet
Do not involve the state secrets of e-government information security construction, for managers, engineers and technicians, information security products provider information
Safety Management provides a management and technical reference. Where state secrets are involved or state secrets may be involved after the gathering of information stored, processed and transmitted,
In accordance with national security regulations and standards.
2 Normative references
The following documents for the application of this document is essential. For dated references, only the dated version applies to this article
Pieces. For undated references, the latest edition (including all amendments) applies to this document.
Information technology - Computerized terminal computer core configuration specifications
3 Terms and definitions
The following terms and definitions apply to this document.
3.1
Safe government terminal terminalforsecuregovernmentaffairs
Meet the government office security protection technology requirements, to carry out government office and business applications of computer terminals and handheld terminals.
4 Abbreviations
The following abbreviations apply to this document.
FTP File Transfer Protocol (FileTransferProtocol)
IIS Internet Information Services (InternetInformationServices)
IP Internet Protocol (InternetProtocol)
WWW WorldWideWeb
5 Terminal Security Features and Implementation Principles
5.1 Safety Vulnerability
As a basic unit of work based on the Internet e-government system, the computer terminal undertakes and participates in the processing, processing and storage of government information
Storage and transmission and other important work, the main security threats and vulnerabilities include.
Tips & Frequently Asked Questions:Question 1: How long will the true-PDF of GBZ24294.4-2017_English be delivered?Answer: Upon your order, we will start to translate GBZ24294.4-2017_English as soon as possible, and keep you informed of the progress. The lead time is typically 1 ~ 3 working days. The lengthier the document the longer the lead time. Question 2: Can I share the purchased PDF of GBZ24294.4-2017_English with my colleagues?Answer: Yes. The purchased PDF of GBZ24294.4-2017_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet. Question 3: Does the price include tax/VAT?Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countriesQuestion 4: Do you accept my currency other than USD?Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.
|