September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
274
|
第
17
章
的客户签订的服务合同等。如今,客户要求在首次检测到潜在安全问题的
24
小时(或更
短时间)内收到通知,这种情况也很常见。
伴随着技术的进步,如云计算便捷且广泛的使用、“自带设备”(
BYOD
)在办公场合被广
泛接受以及物联网(
IoT
)
的兴起,事件通知已成为安全领域的一个核心功能。这些技术
进步也给
IT
人员和安全人员带来了新的挑战,例如管控组织所有资产和限制可见性。
17.1
是否存在危机
并非每个事件都是危机。事实上,如果组织运营状态良好,很少有事件会演变成危机。一
旦发生事件升级,响应人员评估升级的第一步是
分诊
,即利用所掌握的知识和信息对事件
的严重性和潜在后果做出有根据的推断。
分诊
(
triage
)
一词源于急诊医学中的一项历史悠久的操作。到达车辆事故现场的急救人员将
首先确保现场人员没有进一步受伤的直接风险,然后进行分诊。举例来说,如果一辆公共汽
车与一辆小汽车相撞,那么根据逻辑已经能推理出一些可用信息了。因为与一辆公共汽车相
撞造成的损伤很严重,所以小汽车上的人可能身受重伤。一辆公共汽车可以容纳许多乘客,
因此可能会有多人受伤。不太可能有危险化学品,因为这两辆车通常都不会运载它们。在到
达现场的第一分钟内,急救人员就知道要呼叫更多的救护车,可能需要通知重症监护室,并
打电话给消防部门将被困人员从小型车辆中解救出来。现场可能不需要危险品清理小组。
安全响应团队应该使用相同的评估方法来对事件进行分诊。他们首先必须评估攻击的潜在
严重性。
17.1.1
事件分诊
在分诊时,被指派调查的工程师必须收集基本事实,以帮助判断事件升级是否属于以下情 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.