GB/T 38561-2020 PDF English
Price & Delivery
US$145.00 · In stock · Download in 9 secondsGB/T 38561-2020: Information security technology - Technical requirements for cybersecurity management support system
Delivery: 9 seconds. True-PDF full-copy in English & invoice will be downloaded + auto-delivered via email. See step-by-step procedure
Status: Valid
| Standard ID | USD | BUY PDF | Delivery | Standard Title (Description) | Status |
| GB/T 38561-2020 | 145 | Add to Cart | Auto, 9 seconds. | Information security technology - Technical requirements for cybersecurity management support system | Valid |
Click to Preview this PDF
Similar standards
GB/T 38561-2020: Information security technology - Technical requirements for cybersecurity management support system
---This is an excerpt. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.), auto-downloaded/delivered in 9 seconds, can be purchased online: https://www.ChineseStandard.net/PDF.aspx/GBT38561-2020
NATIONAL STANDARD OF THE PEOPLE’S REPUBLIC OF CHINA ICS 35.040 L 80 Information security technology - Technical requirements for cybersecurity management support system ISSUED ON: MARCH 06, 2020 IMPLEMENTED ON: OCTOBER 01, 2020 Issued by: State Administration for Market Regulation; Standardization Administration of the People’s Republic of China.
Table of Contents
Foreword ... 4 1 Scope ... 5 2 Normative references ... 5 3 Terms and definitions ... 5 4 Acronyms ... 6 5 Overview ... 6 6 System function requirements ... 7 6.1 Security objective management ... 7 6.2 Emergency plan management ... 7 6.3 Object management ... 7 6.4 Monitoring of information security event ... 8 6.5 Operational monitoring ... 8 6.6 Process processing ... 8 6.7 Statistical analysis ... 9 6.8 Assessment management ... 9 6.9 Release and display ... 10 6.10 Acquisition and processing ... 10 6.11 Data exchange ... 10 6.12 Backup and recovery... 11 7 Self-security requirements ... 11 7.1 Identity authentication ... 11 7.2 Access control ... 11 7.3 Rights management ... 12 7.4 Data security ... 12 7.5 Security audit... 12 8 Security assurance requirements ... 13 8.1 Configuration management assurance ... 13 8.2 Development ... 13 8.3 Testing assurance ... 13 8.4 Delivery and operation-maintenance assurance ... 14 8.5 Guidance documents ... 14 8.6 Vulnerability analysis ... 14 8.7 Life cycle support ... 14 Information security technology - Technical requirements for cybersecurity management support system1 Scope
This standard specifies the technical requirements of the cybersecurity management support system, including system function requirements, self- security requirements, security assurance requirements. This standard applies to the planning, design, development and testing of cybersecurity management support systems.2 Normative references
The following documents are essential to the application of this document. For the dated documents, only the versions with the dates indicated are applicable to this document; for the undated documents, only the latest version (including all the amendments) are applicable to this standard. GB/Z 20986-2007 Information security technology - Guidelines for the category and classification of information security incidents3 Terms and definitions
The terms and definitions as defined in GB/Z 20986-2007 as well as the following apply to this document. 3.1 Cybersecurity management support system Based on the organization's security goals, objects, processes, etc., the system that supports the organization's cybersecurity management work. 3.2 Object An entity in cybersecurity management.6 System function requirements
6.1 Security objective management The support system has the management functions for organization’s security objective and shall meet the following requirements: a) Add, delete, query, modify security objective; b) Perform classified management of security objective; c) Publish and display security objective. 6.2 Emergency plan management The support system has emergency plan management functions and shall meet the following requirements: a) Add, delete, query and modify emergency plan information; b) Perform classified and hierarchical management of emergency plans. 6.3 Object management The support system has object management functions and shall meet the following requirements: a) Modify, delete and query the information of the object; b) Support automatic and manual acquisition of object’s information; c) Management of hardware assets, software assets, data assets, organizational personnel and other information, including: 1) Manage hardware asset information, including but not limited to IP address, MAC address, hardware model, etc.; Note 1: Hardware assets mainly include computers, network equipment, security equipment, storage equipment, security protection equipment, office equipment. 2) Manage software asset information, including but not limited to software version, installation location, installation time, etc.; Note 2: Software assets mainly include security systems, operating 6.12 Backup and recovery The support system has data backup and recovery functions, which shall meet the following requirements: a) Recover all data within six months, including but not limited to information security incidents, operational monitoring, alarms, processes, statistics and assessments; b) The stored record data is not overwritten and deleted; an alarm is issued before storage resources are exhausted.7 Self-security requirements
7.1 Identity authentication The identity authentication of the support system shall: a) During user registration, use the user name and user identifier to identify the user. b) When the user logs in, use a controlled password or other mechanism with corresponding security strength to authenticate the user. c) Adopt at least two kinds of identity authentication mechanisms, including but not limited to: "user name + password" authentication method, digital certificate authentication method, biometric authentication method. d) When using the "user name + password" authentication method, ensure the password’s complexity; set the user login’s attempt threshold. When the user's unsuccessful login attempt exceeds the threshold, lock the administrator account and generate an audit log. 7.2 Access control Support system’s access control shall: a) Allow or forbid access to system functions and data assets based on administrator user’s roles and permissions; b) Record and alert for illegal operations and attempted unauthorized access. data output. The system log is managed by the security auditor; b) Detect the working status of each functional module of the support system; issue alarm when the working status is abnormal.8 Security assurance requirements
8.1 Configuration management assurance Configuration management assurance shall meet the following requirements: a) Provide unique authorization identifier for different users; b) Provide corresponding configuration management documents according to different users. 8.2 Development The support system’s development shall meet the following requirements: a) Describe the security functions of the system; b) Describe the purpose and use of all security function interfaces; c) Describe all parameters related to each security function interface; d) Describe the security function implementation behavior related to the security function interface; e) Describe direct error messages caused by the behavioral processing of security functions; f) Provide system design documents. 8.3 Testing assurance While providing the support system, provide the test documentation of the system. The test documentation shall include: a) Determine the function of the system under test and describe the test objectives; b) The test plan, test process’s description, test results and comparison of expected test results with test results; ......Source: Above contents are excerpted from the full-copy PDF -- translated/reviewed by: www.ChineseStandard.net / Wayne Zheng et al.
