{"id":758,"date":"2021-08-08T20:27:20","date_gmt":"2021-08-08T12:27:20","guid":{"rendered":"https:\/\/choson.lifenet.com.tw\/?p=758"},"modified":"2021-08-08T20:33:09","modified_gmt":"2021-08-08T12:33:09","slug":"%e9%a2%a8%e9%9a%aa%e6%9b%9d%e9%9a%aa%ef%bc%88risk-exposure-%ef%bc%89","status":"publish","type":"post","link":"https:\/\/choson.lifenet.com.tw\/?p=758","title":{"rendered":"\u98a8\u96aa\u66dd\u96aa\uff08Risk exposure \uff09"},"content":{"rendered":"\n

<\/p>\n\n\n\n

\"https:\/\/ithelp.ithome.com.tw\/upload\/images\/20210808\/20132160NJJerQkLvw.jpg\"
-\u4ec0\u9ebc\u662f\u98a8\u96aa\uff1f<\/p>\n\n\n\n

ISO\/IEC\/IEEE 24765:2017 \u7cfb\u7d71\u548c\u8edf\u4ef6\u5de5\u7a0b \u2014 \u8a5e\u5f59<\/p>\n\n\n\n

  1. \u98a8\u96aa\u7d66\u500b\u4eba\u3001\u9805\u76ee\u6216\u7d44\u7e54\u5e36\u4f86\u7684\u6f5b\u5728\u640d\u5931
    [ISO\/IEC 16085:2006 \u7cfb\u7d71\u548c\u8edf\u4ef6\u5de5\u7a0b \u2014 \u751f\u547d\u9031\u671f\u904e\u7a0b \u2014 \u98a8\u96aa\u7ba1\u7406\uff0c3.10 ]<\/li>
  2. \u98a8\u96aa\u767c\u751f\u7684\u53ef\u80fd\u6027\u53ca\u5176\u767c\u751f\u7684\u5f8c\u679c\u7a0b\u5ea6\u7684\u51fd\u6578
    [ISO\/IEC 16085:2006 \u7cfb\u7d71\u548c\u8edf\u4ef6\u5de5\u7a0b\u2014\u2014\u751f\u547d\u9031\u671f\u904e\u7a0b\u2014\u2014\u98a8\u96aa\u7ba1\u7406\uff0c3.10]<\/li>
  3. \u6982\u7387\u4e58\u4ee5\u6f5b\u5728\u640d\u5931\u7684\u4e58\u7a4d\u5c0d\u65bc\u98a8\u96aa\u56e0\u7d20
    \u6ce8 1\uff1a\u98a8\u96aa\u66b4\u9732\u901a\u5e38\u88ab\u5b9a\u7fa9\u70ba\u6982\u7387\u548c\u5f8c\u679c\u5927\u5c0f\u7684\u4e58\u7a4d\uff0c\u5373\u9810\u671f\u503c\u6216\u9810\u671f\u66b4\u9732\u3002<\/li><\/ol>\n\n\n\n

    \u98a8\u96aa\u66dd\u96aa\u662f\u98a8\u96aa\u7684\u5ea6\u91cf\u3002\u5b83\u8003\u616e\u4e86\u98a8\u96aa\u7684\u4e0d\u78ba\u5b9a\u6027\u548c\u5f71\u97ff\u90e8\u5206\u3002\u98a8\u96aa\u662f\u6307\u4e0d\u78ba\u5b9a\u6027\u5c0d\u76ee\u6a19\u7684\u5f71\u97ff\u3002\u4e0d\u78ba\u5b9a\u6027\u548c\u5f71\u97ff\u53ef\u4ee5\u5b9a\u91cf\u548c\u5b9a\u6027\u6e2c\u91cf\u3002\u98a8\u96aa\u66dd\u96aa\u4e5f\u662f\u5982\u6b64\u3002\u98a8\u96aa\u5206\u6790\u662f\u78ba\u5b9a\u98a8\u96aa\u66b4\u9732\u4ee5\u512a\u5148\u8003\u616e\u98a8\u96aa\u4e26\u70ba\u98a8\u96aa\u8a55\u4f30\u6c7a\u7b56\u548c\u98a8\u96aa\u8655\u7406\u63d0\u4f9b\u4fe1\u606f\u7684\u904e\u7a0b\u3002<\/p>\n\n\n\n

    \u98a8\u96aa\u8a55\u4f30\/\u5206\u6790\uff08Risk Assessment\/Analysis\uff09<\/strong>
    \u5728 NIST \u6307\u5357\u3001CISSP \u8003\u8a66\u5927\u7db1\u548c CISSP \u5b78\u7fd2\u6307\u5357\u4e2d\uff0c\u98a8\u96aa\u8a55\u9451<\/a>\u548c\u98a8\u96aa\u5206\u6790<\/a>\u901a\u5e38\u88ab\u8996\u70ba\u540c\u7fa9\u8a5e\u3002\u4f46\u662f\uff0c\u5728 ISO 31000 \u548c ISO 27005 \u7b49 ISO \u6a19\u6e96\u4e2d\u4e26\u975e\u5982\u6b64\uff1b\u98a8\u96aa\u5206\u6790\u662f\u98a8\u96aa\u8a55\u4f30\u7684\u4e00\u90e8\u5206\u3002
    \u7dad\u8b77\u6210\u672c\u7b49\u98a8\u96aa\u6703\u589e\u52a0\uff0c\u7cfb\u7d71\u53ef\u7528\u6027\u53ef\u80fd\u6703\u53d7\u5230\u5f71\u97ff\uff0c\u6f0f\u6d1e\u4ecd\u7136\u5b58\u5728\u4e14\u672a\u4fee\u88dc\u7684\u60c5\u6cc1\u53ef\u80fd\u6703\u767c\u751f\u3002\u4f46\u662f\uff0c\u6211\u5011\u9700\u8981\u9032\u4e00\u6b65\u5206\u6790\u5b83\u5011\u7684\u53ef\u80fd\u6027\u6216\u53ef\u80fd\u6027\u548c\u5f71\u97ff\uff0c\u4ee5\u78ba\u5b9a\u98a8\u96aa\u66dd\u96aa\u3002\u56e0\u6b64\uff0c\u98a8\u96aa\u66dd\u96aa\u662f\u4e00\u500b\u66f4\u666e\u904d\u548c\u66f4\u5168\u9762\u7684\u6982\u5ff5\uff0c\u5b83\u63d0\u9192\u6211\u5011\u5f9e\u66f4\u9ad8\u7684\u89d2\u5ea6\u8003\u616e\u98a8\u96aa\u7684\u4e0d\u78ba\u5b9a\u6027\u548c\u5f71\u97ff\u90e8\u5206\u3002<\/p>\n\n\n\n

    NIST\u8853\u8a9e\u8868\uff08NIST Glossary\uff09<\/strong>
    \u66b4\u9732<\/a>\uff1a\u98a8\u96aa\u7684\u53ef\u80fd\u6027\u548c\u5f71\u97ff\u6c34\u5e73\u7684\u7d44\u5408\u3002
    \u56fa\u6709\u98a8\u96aa<\/a>\uff1a\u5728\u7ba1\u7406\u5c64\u6c92\u6709\u63a1\u53d6\u4efb\u4f55\u76f4\u63a5\u6216\u91cd\u9ede\u884c\u52d5\u4f86\u6539\u8b8a\u5176\u56b4\u91cd\u6027\u7684\u60c5\u6cc1\u4e0b\uff0c\u5be6\u9ad4\u9762\u81e8\u7684\u98a8\u96aa\u3002
    \u6b98\u9918\u98a8\u96aa<\/a>\uff1a\u63a1\u53d6\u5b89\u5168\u63aa\u65bd\u5f8c\u5269\u9918\u7684\u98a8\u96aa\u90e8\u5206\u3002<\/p>\n\n\n\n

    \u53c3\u8003
    NIST\u8853\u8a9e\u8868<\/a><\/p>\n\n\n\n

    \u8cc7\u6599\u4f86\u6e90\uff1a Wentz Wu QOTD-20210712<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

    -\u4ec0\u9ebc\u662f\u98a8\u96aa\uff1f ISO\/IEC\/IEEE 24765:2017 \u7cfb\u7d71\u548c\u8edf\u4ef6\u5de5\u7a0b \u2014 \u8a5e\u5f59 \u98a8\u96aa\u7d66\u500b\u4eba\u3001\u9805\u76ee\u6216\u7d44 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":true,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-758","post","type-post","status-publish","format-standard","hentry","category-cisspcertified-information-systems-security-professional"],"_links":{"self":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/758","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=758"}],"version-history":[{"count":2,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/758\/revisions"}],"predecessor-version":[{"id":760,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=\/wp\/v2\/posts\/758\/revisions\/760"}],"wp:attachment":[{"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=758"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=758"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/choson.lifenet.com.tw\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=758"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}