Please enable JavaScript.
Coggle requires JavaScript to display documents.
EIP 資安報告 (System and Service Acquisition (系統與服務獲得) (SDLC-Develop(系統開發階段),…
EIP 資安報告
System and Service Acquisition
(系統與服務獲得)
SDLC-Develop(系統開發階段)
OWASP TOP 10
SDLC-Test(系統測試階段)
弱點掃描
SLDC-Deploy & Maintenance(部署與維運階段)
更新修補
Acquisition Process(獲得程序)
開發、測試及正式環境區隔
Documentation(資訊系統文件)
儲存相關文件
Access Control
(存取控制)
帳號管理
最小權限
遠端存取
Audit and Accountability
(稽核與可歸責性)
Events
Storage Capacity
Record
Identification and Authentication
(識別與鑑別)
User
Device
Cryptographic
Contingency Planning
(營運持續計畫)
Backup
Redundancy
System and Communication Protection
(系統與通訊保護)
Transmission Confidentiality and Integrity(傳輸之機密性與完整性)
Protection of Information at Rest(資料儲存之安全)
System and Information Integrity
(系統與資訊完整性)
Flaw Remediation(漏洞修復)