September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
危机管理
|
283
大规模数字取证
虽然本章介绍了取证分析的基本原理,但如何在大规模或类似云这样的困难环境
(可能没有常用的工具,或工具可能与正常情况不同)中做取证是一个很大的话题。
Google
的
Open Source DFIR
系列文章更深入地讨论了此类话题。
17.3
控制事件
宣布事件并且为团队成员分配责任后,
IC
就负责保证工作顺利推进。这需要预测响应团队的
需求,并在它们演变为问题前解决。为了使工作有效,
IC
应将所有时间用于控制和管理事
件。如果你作为
IC
,发现自己正参与日志检查
、快速取证或以其他方式参与运营,则是时候
退出来重新评估各项工作的优先级了。如果没有人掌舵,一艘船肯定会偏离航向甚至沉没。
17.3.1
并行处理事件
理想情况下,一支有经验的
IR
团队可通过分解事件响应过程以及同时处理每个部分,来
最大限度地实现
并行
处理。如果预料到在事件生命周期中需要用到一项未分配的任务或一
条信息,可指派某人来完成或做准备。例如,你可能还没有准备好与执法部门或第三方公
司共享取证调查结果,但如果计划在将来共享,就不能采用原始调查记录。在调查进行的
过程中,指派一个人准备一份经过修订并可共享的取证指标清单。
在取证调查的早期阶段就开始准备清理环境,这似乎有违常理。但如果人手充足,那正是分
配这项任务的好时机。
IMAG
框架允许随时创建自定义角色
,这样一来就可以在事件发生期
间的任何时候找人承担
补救负责人
(
RL
)的角色
。当运维团队确认被入侵的区域后,
RL
就
可以着手研究。有了这些信息,
RL
可以制订一个计划
,稍后清理和修复这些区域。当运维 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.