You cannot see this page without javascript.

진주성 블로그 방문하기

주요정보통신기반시설 기술적 취약점 분석 평가 상세 가이드

 

다운로드 (한국인터넷진흥원)_주요정보통신기반시설_기술적_취약점_분석_평가_상세_가이드_(2017).pdf

 

기술적 취약점 분석ㆍ평가 방법 상세가이드

 

Ⅰ. 개요 ······················································ 1
1. 개요 ·························································· 3
2. 목적 및 구성 ············································ 3
Ⅱ. 보안가이드라인 ····································· 5

 

UNIX 서버
기본/선택
1. 계정 관리 ····································· 11/ 93
2. 파일 및 디렉토리 관리 ················· 24/114
3. 서비스 관리 ································· 45/122
4. 패치 관리 ···································· 88
5. 로그 관리 ····································· 92/145
부록 ··············································· 149

 

윈도우즈 서버
기본/선택
1. 계정 관리 ··································· 165/246
2. 서비스 관리 ······························· 175/266
3. 패치 관리 ··································· 225/287
4. 로그 관리 ··································· 227/290
5. 보안 관리 ··································· 229/293
6. DB 관리 ············································ 311

 

보안장비
기본/선택
1. 계정 관리 ··································· 319/340
2. 접근 관리 ·································· 325
3. 패치 관리 ·································· 328
4. 로그 관리 ·········································· 341
5. 기능 관리 ··································· 330/348

 

네트워크 장비
기본/선택
1. 계정 관리 ··································· 355/386
2. 접근 관리 ··································· 362/390
3. 패치 관리 ·································· 367
4. 로그 관리 ·········································· 396
5. 기능 관리 ··································· 369/405


제어시스템
기본/선택
1. 계정 관리 ·································· 431
2. 패치 관리 ·································· 437
3. 접근 통제 ·································· 439
4. 보안 관리 ··································· 450/465


PC
기본/선택
1. 계정 관리 ··································· 481/520
2. 서비스 관리 ······························· 487/522
3. 패치 관리 ·································· 498
4. 보안 관리 ··································· 506/529


DBMS
기본/선택
1. 계정 관리 ··································· 541/573
2. 접근 관리 ··································· 553/578
3. 옵션 관리 ··································· 561/587
4. 패치 관리 ··································· 565/595
5. 로그 관리 ·········································· 597

 

웹(WEB)
1. 버퍼 오버플로우 ······························· 603
2. 포맷스트링 ········································ 605
3. LDAP 인젝션 ··································· 607
4. 운영체제 명령 실행 ·························· 609
5. SQL 인젝션 ······································ 611
6. SSI 인젝션 ······································· 620
7. XPath 인젝션 ··································· 622
8. 디렉터리 인덱싱 ······························· 624
9. 정보 누출 ········································· 629
10. 악성 콘텐츠 ···································· 632
11. 크로스사이트 스크립트 ··················· 633
12. 약한 문자열 강도 ··························· 638
13. 불충분한 인증 ································· 640
14. 취약한 패스워드 복구 ····················· 642
15. 크로스사이트 리퀘스트 변조(CSRF) 644
16. 세션 예측 ······································· 646
17. 불충분한 인가 ································· 648
18. 불충분한 세션 만료 ························ 650
19. 세션 고정 ······································· 653
20. 자동화 공격 ···································· 654
21. 프로세스 검증 누락 ························ 656
22. 파일 업로드 ···································· 659
23. 파일 다운로드 ································· 667
24. 관리자 페이지 노출 ························ 672
25. 경로 추적 ······································· 675
26. 위치 공개 ······································· 677
27. 데이터 평문 전송 ··························· 679
28. 쿠키 변조 ······································· 681

번호 제목 날짜 조회 수
80 TCP 프로토콜 Header 구조 2017.11.01 1554
79 TCP 상태전이 2017.11.01 614
78 전자우편 보안 2017.11.01 280
77 부팅(Booting) 과정 2017.11.01 317
76 디지털 컨텐츠 보호 2017.11.01 113
75 윈도우 보안 2017.11.01 186
74 보안솔류션 2017.11.01 218
73 AD(Active Directory) 2017.11.01 18593
72 DNS (Domain Name Service) file 2017.11.01 129
71 포트스켄 2017.11.01 148
70 SSL, IPSEC 2017.11.01 99
69 보안관제 file 2017.11.01 4767
68 VPN 2017.11.01 5138
67 개인정보 2017.11.01 74
66 암호학 2017.11.01 814
진주성 블로그 방문하기
CLOSE