{"id":574,"date":"2021-07-04T11:30:34","date_gmt":"2021-07-04T03:30:34","guid":{"rendered":"https:\/\/choson.lifenet.com.tw\/?p=574"},"modified":"2023-03-29T16:31:33","modified_gmt":"2023-03-29T08:31:33","slug":"%e6%bc%8f%e6%b4%9e%e7%ae%a1%e7%90%86vulnerability-management","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=574","title":{"rendered":"\u6f0f\u6d1e\u7ba1\u7406(Vulnerability Management)"},"content":{"rendered":"\n<p><img decoding=\"async\" src=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20210704\/20132160nfeY26ZUns.jpg\" alt=\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20210704\/20132160nfeY26ZUns.jpg\"><br>\u7531\u65bc\u7ba1\u7406\u662f\u5be6\u73fe\u4e00\u500b\u6216\u591a\u500b\u76ee\u6a19\u7684\u7cfb\u7d71\u65b9\u6cd5\uff0c\u6211\u6839\u64da<a href=\"https:\/\/en.wikipedia.org\/wiki\/Vulnerability_management\" target=\"_blank\" rel=\"noreferrer noopener\">\u7dad\u57fa\u767e\u79d1<\/a>\u548c<a href=\"https:\/\/csrc.nist.gov\/glossary\/term\/vulnerability\" target=\"_blank\" rel=\"noreferrer noopener\">NIST CSRC \u8853\u8a9e\u8868<\/a>\u4e2d\u7684\u5b9a\u7fa9\u5b9a\u7fa9\u6f0f\u6d1e\u7ba1\u7406\uff0c\u4e26\u5c07\u5b83\u5011\u64f4\u5c55\u5982\u4e0b\uff1a<br>\u6f0f\u6d1e\u7ba1\u7406\u662f\u8b58\u5225\u3001\u5206\u985e\u3001\u512a\u5148\u6392\u5e8f\u3001\u4fee\u5fa9\u548c\u9a57\u8b49\u8cc7\u8a0a\u7cfb\u7d71\u3001\u7cfb\u7d71\u5b89\u5168\u7a0b\u5e8f\u3001\u5167\u90e8\u63a7\u88fd\u6216\u5be6\u65bd\u4e2d\u7684\u6f0f\u6d1e\u4ee5\u964d\u4f4e\u98a8\u96aa\u7684\u5468\u671f\u6027\u5be6\u8e10\u3002<\/p>\n\n\n\n<p><strong>\u7dad\u57fa\u767e\u79d1<\/strong><br>\u6f0f\u6d1e\u7ba1\u7406\u662f\u201c\u8b58\u5225\u3001\u5206\u985e\u3001\u78ba\u5b9a\u512a\u5148\u7d1a\u3001\u4fee\u5fa9\u548c\u7de9\u89e3\u201d\u8edf\u4ef6\u6f0f\u6d1e\u7684\u5faa\u74b0\u5be6\u8e10\u3002\uff08<a href=\"https:\/\/en.wikipedia.org\/wiki\/Vulnerability_management\" target=\"_blank\" rel=\"noreferrer noopener\">\u7dad\u57fa\u767e\u79d1<\/a>\uff09<\/p>\n\n\n\n<p><strong>NIST CSRC\u8853\u8a9e\u8868<\/strong><br>\u72f9\u7fa9\u4e0a\uff0c\u6f0f\u6d1e\u53ef\u80fd\u662f\u6307\u90a3\u4e9b\u88ab\u5217\u5165<a href=\"https:\/\/cve.mitre.org\/\" target=\"_blank\" rel=\"noreferrer noopener\">\u5e38\u898b\u6f0f\u6d1e\u548c\u66b4\u9732 (CVE)&nbsp;<\/a>\u7684\u6f0f\u6d1e\u3002<br>\u4f8b\u5982\uff0c\u6f0f\u6d1e\u7ba1\u7406\u662f\u201c\u4e00\u7a2e\u8b58\u5225\u8a2d\u5099\u4e0a\u7684\u6f0f\u6d1e [\u5e38\u898b\u6f0f\u6d1e\u548c\u66b4\u9732 (CVE)] \u7684 ISCM \u529f\u80fd\uff0c\u9019\u4e9b\u6f0f\u6d1e\u53ef\u80fd\u88ab\u653b\u64ca\u8005\u7528\u4f86\u7834\u58de\u8a2d\u5099\uff0c\u4e26\u5c07\u5176\u7528\u4f5c\u5c07\u7834\u58de\u64f4\u5c55\u5230\u7db2\u7d61\u7684\u5e73\u53f0\u3002\u201d \uff08<a href=\"https:\/\/csrc.nist.gov\/glossary\/term\/Vulnerability-Management\" target=\"_blank\" rel=\"noreferrer noopener\">NIST CSRC\u8853\u8a9e\u8868<\/a>\uff09<br>\u5f9e\u66f4\u5ee3\u6cdb\u7684\u610f\u7fa9\u4e0a\u8b1b\uff0c\u6f0f\u6d1e\u662f\u201c\u8cc7\u8a0a\u7cfb\u7d71\u3001\u7cfb\u7d71\u5b89\u5168\u7a0b\u5e8f\u3001\u5167\u90e8\u63a7\u88fd\u6216\u5be6\u65bd\u4e2d\u53ef\u80fd\u88ab\u5a01\u8105\u6e90\u5229\u7528\u6216\u89f8\u767c\u7684\u5f31\u9ede\u201d\u3002\uff08<a href=\"https:\/\/csrc.nist.gov\/glossary\/term\/Vulnerability-Management\" target=\"_blank\" rel=\"noreferrer noopener\">NIST CSRC\u8853\u8a9e\u8868<\/a>\uff09<br>\u5167\u90e8\u5b89\u5168\u63a7\u5236\u662f\u8cc7\u8a0a\u7cfb\u7d71\u5167\u7684\u786c\u9ad4\u3001\u5206\u4f4d\u6216\u8edf\u9ad4\u529f\u80fd\uff0c\u5c07\u8cc7\u6e90\u8a2a\u554f\u6b0a\u9650\u9650\u5236\u70ba\u50c5\u6388\u6b0a\u4e3b\u9ad4\u3002[<a href=\"https:\/\/csrc.nist.gov\/glossary\/term\/Vulnerability-Management\" target=\"_blank\" rel=\"noreferrer noopener\">NIST CSRC\u8853\u8a9e\u8868<\/a>)]<\/p>\n\n\n\n<p>\u8cc7\u6599\u4f86\u6e90\uff1a<a rel=\"noreferrer noopener\" href=\"https:\/\/wentzwu.com\/2019\/11\/30\/vulnerability-management\/\" target=\"_blank\">Wentz Wu\u7db2\u7ad9<\/a><\/p>\n\n\n\n<p>PS:\u6b64\u6587\u7ae0\u7d93\u904e\u4f5c\u8005\u540c\u610f\u520a\u767b \u4e26\u4e14\u6388\u6b0a\u53ef\u4ee5\u7ffb\u8b6f\u6210\u4e2d\u6587<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u7531\u65bc\u7ba1\u7406\u662f\u5be6\u73fe\u4e00\u500b\u6216\u591a\u500b\u76ee\u6a19\u7684\u7cfb\u7d71\u65b9\u6cd5\uff0c\u6211\u6839\u64da\u7dad\u57fa\u767e\u79d1\u548cNIST CSRC \u8853\u8a9e\u8868\u4e2d\u7684\u5b9a\u7fa9\u5b9a\u7fa9\u6f0f\u6d1e\u7ba1\u7406\uff0c\u4e26\u5c07\u5b83 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-574","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/574","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=574"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/574\/revisions"}],"predecessor-version":[{"id":2849,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/574\/revisions\/2849"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=574"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=574"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=574"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}