September 2021
Beginner to intermediate
392 pages
12h 13m
Chinese
book
Google系统架构解密: 构建安全可靠的系统
by Heather Adkins, Betsy Beyer, Paul Blankinship, Piotr Lewandowski, Ana Oprea, Adam Stubblefield
Content preview from Google系统架构解密: 构建安全可靠的系统
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
恢复和善后
|
295
根据我们的经验,负责恢复的工程师通常是日常设计、实现和维护这些系统的人。在攻击
过程中,需要召集安全专家担任特定角色,例如执行取证活动、排查安全漏洞或做出复
杂的决定(参见第
17
章)
。但要将系统恢复到已知良好状态,则需要日常使用系统所获
得的专业知识。事件协调搭配恢复工作,让安全专家和恢复工程师能双向共享信息来恢
复系统。
从安全攻击中恢复所涉及的场景,通常比提前准备的行动手册中所包含的更为不确定
1
。攻
击者可以在攻击中更改其行为,恢复工程师可能会犯错误或发现其系统的意外特征或细
节。本章中介绍了一种动态恢复方法,旨在灵活应对攻击者。
恢复行动也是改善安全态势的强大工具。恢复的形式包括短期策略缓解和长期战略改善。
在本章结束时,我们将借助一些方法来探讨安全事件、系统恢复,以及下一个事件之前的
平静期之间的关系。
18.1
恢复调度
正如上一章中所讨论的那样,并行化响应有助于良好地管理事件。在恢复过程中,并行化处
理尤其能带来收益。从事恢复工作的人员不应该与事件调查人员是同一批人,原因如下。
•
事件的调查阶段通常耗时且仔细,需要长时间的专注。在长时间的事件中,调查团队通
常需要在恢复工作开始前休息一下。
•
可能会在调查仍在进行时就开始恢复。因此,需要有能够并行工作的独立团队来相互提
供信息。
•
开展调查所需的技能可能与恢复工作所需的技能不同。
在准备恢复和考虑你的选择时,应该有一个正式的团队结构。根据事件的范围,团队可以
小到独立个人,也可以大到整个组织。我们建议建立协调机制来应对复杂事件 ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.