Understanding: the role of the security nexus, the role of the sealed confidential load。
Chapter v web security
I. Aims and requirements for learning
Through this chapter, learning about the concepts and roles of web servers, browsers, cgi, http protocols, HTML languages, safety needs of web servers, safety strategies and security measures, safety strategies for web browsers and security elements for web sites。
Ii. Examination of knowledge points and objectives
(i) web technical brief (general)
Note: the concepts and functions of web servers and browsers, http protocols, HTML languages, cgi concepts and roles。
(ii) web security requirements (general)
Note: web security risks and architecture, web security requirements。
(iii) web server security strategy (sub-focus)
Note: gap on web server, web server security strategy and security mechanism。
Understand: organization of the web server concept and steps, measures to secure the web server。
(iv) web browser security policy (sub-focus)
Note: methodological measures to address the insecurity associated with automatic browser-induced applications, the hazards of malicious code and repair measures, and loopholes in the browser itself。
Understanding: e-mail fraud, ip deception, safe use of web browsers, security elements at web site。
Chapter vi data security
I. Aims and requirements for learning
Through this chapter, learning about data security objectives, basic concepts of data encryption, concepts and realization of traditional data encryption techniques, symmetric encryption techniques and public key encryption technologies, methods of des, characteristics and uses of rsa algorithms, basic concepts and applications of data compression, importance and methods of data backup, and the use of disk copying tools and concepts and functions of disk array technology。
Ii. Examination of knowledge and objectives
(i) data encryption (focus)
Note: data security objectives, role of data encryption, traditional password classification and concepts, symmetric and asymmetric encryption concepts, distinction, characteristics of des and rsa algorithms, scope of application, data signature concepts and process of realization。
Understanding: a single code concept, concepts and methods of traditional password techniques and symmetric, asymmetric encryption。
Application: application of data encryption algorithms。
(ii) data compression (sub-focus)
Note: data compression concepts and classification of compression techniques。
Application: use of data compression tools。
(iii) data backup (general)
Note: the basic concept of data backup and its importance, the rad concept。
Application: use of data backup methods and backup tools。
Chapter 7 computer virus
I. Aims and requirements for learning
Learning through this chapter to understand the concept and development of computer viruses, their characteristics and classification, and mastering computers
The identification and treatment of viruses, the characteristics of typical viruses, hazards and prevention, and the characteristics of several anti-virus software。
Ii. Examination of knowledge points and objectives
(i) computer virus profile (general)
Note: concepts and characteristics of viruses, classification of viruses, characteristics of typical viruses。
Understanding: virus identification and prevention
(ii) cybervirus and prevention (sub-focus)
Note: characteristics of cybervirus, characteristics of cyber-anti-virus technology, anti-viral characteristics of the anti-virus firewall。
Understanding: the spread and manifestations of cybervirus, the characteristics of web-based anti-virus technology。
Application: prevention of cybervirus, use of commonly used anti-virus software。
Chapter 8 hacker attacks and prevention
I. Aims and requirements for learning
Learning through this chapter about hacker concepts and hazards, hack attacks, hacking methods and commonly used tools, hand hands
Use of scanners, working principles and methods of use, knowledge of the form of a black attack, prevention of hacker attacks
Law, understand the concept and techniques of intrusion detection。
Ii. Examination of knowledge points and objectives
(i) hacker attacks (sub-focus)
Memory: the concept of hackers, the purpose of hacker attacks
Understanding: the three phases of hacker attacks and the various means of attack, the hazards and rationale of the instruments commonly used in hacker attacks。
(ii) the form of hacker attack and its prevention (sub-focus)
Memory: buffer zone spills, denial of services, trojan horse concept。
Understanding: refusal of service, trojan horse, methods of attack and course of attack spilling out of the buffer zone, methods of detection and response of hackers。
(iii) network intrusion detection model (general)
Note: concept of intrusion detection, methods of intrusion detection。
Understand: denning intrusion detection model structure。
Chapter ix firewall technology
I. Aims and requirements for learning
Learning through this chapter to understand firewall concepts and functional features, firewall types, package filter firewalls, agents
Server firewalls, features of status monitor firewalls and working principles, mastering of firewall configuration and operational fire protection wall
The rationale of the system and the process of its realization, the selection strategy for the firewall and the method of its installation and use, as well as the main firewall products。
Ii. Examination of knowledge points and objectives
(i) firewall basic knowledge and characteristics (general)
Note: classification of firewall concepts and functional features, firewalls。
Understand: package filters firewalls, status monitors firewalls, working principles and features of proxy server firewalls。
(ii) firewall configuration (sub-focus)
Note: how the firewall is configured。
Understand: characteristics, composition and working principles of shielding the host and shielding subnet firewalls。
(iii) firewall procurement and use (general)
Understand: firewall selection strategy, installation method and maintenance requirements, typical firewall features。
Chapter x laws and regulations on cybersecurity
I. Aims and requirements for learning
Learning through this chapter about the importance of the laws and regulations relating to the internet and about the various legal acts relating to the internet
Main content, scope of application。
Ii. Examination of knowledge points and objectives
(i) network-related laws and regulations. (general)
Memory: laws and regulations relating to the internet
Understanding: the importance of developing legislation and regulations related to the internet。
(ii) main laws and regulations (general)
Note: the main elements and scope of application of the relevant laws and regulations governing cybersecurity, the main content of the legal norms governing internet users, the security management system for the dissemination of internet information, the legal control of electronic bulletin services, the laws and regulations governing online transactions, etc。
Part iii on description and implementation requirements
I. Description of the level of capability to assess objectives
The objectives of the examination for this course are divided into three levels of competence: recognition, understanding and application, and they are an evolutionary relationship, which must be based on the former. It means:
Note: it is a low-level requirement to know the meaning of the relevant terminology, concepts, knowledge and to be properly understood and expressed。
Understanding: it is a higher-level requirement that basic concepts, rationales, basic approaches and differences and linkages between concepts, rationales and methods be fully understood on the basis of memory。
Application: the ability to analyse and resolve the relevant theoretical and practical problems using basic concepts, rationales, basic methodologies in connection with multiple knowledge points learned is a requirement at the highest level, based on understanding。
Ii. Designation of teaching materials
Computer cybersecurity, and so on. Qinghua university press, september 2004
Iii. Guidance on self-learning methods
1. Before starting to read a chapter of a given teaching material, review the content of the chapter in the outline, as well as the competency level requirements and objectives of the knowledge point, in order to be balanced, focused and targeted in reading the material。
On the basis of an understanding of the content of the examination outline, and in accordance with the knowledge points and requirements of the examination, the teaching materials are to be read paragraph by paragraph and sentence by sentence, with a focus on each knowledge point, with a deep understanding of the basic concepts, a thorough understanding of the underlying theory, a solid grasp of the basic methods and a coherent understanding of them, and a complete knowledge system in the mind。
3 in self-study, both thinking about issues and reading notes, the basic concepts, rationales, methods, etc. Of the teaching materials, which can be used to deepen the understanding, understanding and memory of the issues in order to help focus and cover the whole content, and to continuously improve self-learning capabilities. At the same time, self-learning on the contents of chapters can be remembered on the basis of understanding and must not be fatal。
Post-booking and appropriate coaching exercises are important links to understanding, digesting and consolidating the knowledge acquired, developing analysis of problems, problem solving and capacity-building. Prior to the exercise, the teaching materials should be carefully read, the content of the materials should be understood at the different levels required by the objectives, the knowledge acquired should be properly reviewed and developed in the course of the exercise, attention should be given to theoretical linkages and specific analysis of the actual and specific problems, attention should be paid to the development of logic, a structured discussion or extrapolation of the issues around the relevant knowledge points, and the logical relationship between the various levels (steps) should be clarified。
Iv. Social assistance requirements
1. Be familiar with the general requirements of the curriculum and the points of knowledge of the chapters。
2. The level of competence required by each knowledge point should be captured and the objectives of each knowledge point should be understood in depth。
3. Counselling should be based on examination syllabuses and be based on prescribed teaching materials, and should not be randomly added or deleted to avoid disconnection from the syllabus。
4. In coaching, learning methods should be guided. Promotion of the method of “reading teaching materials carefully, studying them hard, actively seeking help and learning by themselves”。
5. In coaching, be focused, answer the questions asked by the candidates, and be proactive in providing guidance
6. Attention is paid to the development of the competencies of counterparts, especially in self-learning, to guide students towards learning independently and to the ability to raise questions, analyse problems and solve problems in self-learning。
The difficulty of learning about the subject is not exactly the same as the level of competence, and there are different challenges at each level of competence。
The total number of hours recommended for the course is 72 and the number of hours allocated is as follows:
Chapter
Contents
Time of reference
Chapter i
Fundamentals of cybersecurity
Chapter ii
Physical and environmental safety
Chapter iii
Operating system security
Chapter iv
Cyber communications security
Chapter v
Web's safe
Chapter vi
Data security
16
Chapter vii
Virus
Chapter viii
Hacker assault and prevention
16
Chapter ix
Firewall technology
Chapter x
Cybersecurity laws and regulations
Total
72
V. Specific provisions on the text of the evaluation
1. The elements referred to in the various chapters of this outline and the objectives of the examination are the subject of the examination. The subject is covered by the chapter and appropriately focused。
The percentages of the test questions for different levels of competence in the paper are roughly 10 per cent for: “recognition”, 30 per cent for “understanding” and 60 per cent for “application”。
3. The ease of the test is reasonable: it is easy, easier, harder, harder than it is at 2:3:3:2。
The proportion of test points per paper is about 65 per cent, 25 per cent and 10 per cent in general。
5. The basic types of topics used in the title of the course include blanking, one-way selection, multi-way selection, terminology interpretation, abbreviation, application, etc。
6. The examination is conducted in closed writing, with a time limit of 150 minutes, with a percentage rating of 60 being qualified。
Vi. Example of the topic
(i) filling in blanks
Web cheats include and。
(ii) individual selection issues
1. The cable connection threat does not include。
A. Dial-in to b
(iii) multiple choices
Harmful procedures include。
A. Computer virus b. Code bomb c. Trojan horse d. Monitor e. Spam
(iv) explanation of terminology
1. Physical security 2. Logical security
(v) brief answers
1. The rationale for spilling out of the buffer zone。
(vi) applications
1. Set its security level in the web browser ie。
If you have any questions, you are invited to consult
