September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
290
|
第
17
章
(
communications lead, CL
)。
CL
的核心职责是在事件发展过程中随时了解事件,并准备与
利益相关者进行沟通。
CL
的主要职责包括以下方面。
•
与销售部门、支持部门和其他内部团队合作,回答他们可能提出的任何问题。
•
为执行官、法务、监管机构和其他具有监督职能的人员准备简报。
•
与媒体和公关合作,确保人们掌握正确的信息,以便在必要时对事件做出准确和及时的
声明。确保响应团队之外的人不会做出互相矛盾的声明。
•
持续、仔细地关注事件信息的传播,以便事件相关员工遵守“需要知道”的指导方针。
CL
可以考虑联系相关领域专家
、外部危机沟通顾问或其他任何需要的人,以帮助自己在
最短时间内管理与事件相关的信息。
17.5
整合回顾
本节将通过假设一个任意规模的组织会遇到的入侵响应场景,将之前的内容串联起来。考
虑这样一个场景:一名工程师发现一个陌生的服务账户被添加到一个从未见过的云项目
中。中午,他将所发现的情况同步给了安全小组。经过初步调查,安全小组确定一名工程
师的账户可能已被入侵。结合前面介绍的建议和最佳实践,让我们从头到尾地介绍如何应
对这次入侵。
17.5.1
分诊
响应的第一步是分诊。从一个最坏的设想开始:安全团队对工程师账户被入侵的推断是正
确的。攻击者使用特权访问并查看敏感的内部信息或用户数据,这将是严重的安全事件,
因此需要宣布事件发生。
17.5.2
宣布事件
作为
IC
,你将以下事项通知安全团队的其他成员:
•
发生事件;
•
你将担任
IC
;
•
需要团队的额外支持才能进行调查。 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.