 |
English
|
正體中文
|
简体中文
|
全文筆數/總筆數 : 80990/80990 (100%)
造訪人次 : 41628965
線上人數 : 3372
|
|
|
資料載入中.....
|
請使用永久網址來引用或連結此文件:
http://ir.lib.ncu.edu.tw/handle/987654321/84048
|
| 題名: | 一種簡易型視窗環境資安稽核系統之設計與實現;A Simple Information Security Audit System Design and Implementation Under Window Environment |
| 作者: | 韓奇叡;Han, Chi-Jui |
| 貢獻者: | 資訊管理學系 |
| 關鍵詞: | 資安稽核;微軟作業環境;資訊整合;低成本建置;Information security audit;Microsoft environment;information integration;low-cost implementation |
| 日期: | 2020-07-28 |
| 上傳時間: | 2020-09-02 17:58:51 (UTC+8) |
| 出版者: | 國立中央大學 |
| 摘要: | 近年來隨著資訊科技、網際網路技術的發展,組織內部亦運用網路、電腦將各種業務電子化以減少紙本作業造成的浪費、節省人力成本以及完成各種自動化的需求,但在提升工作績效的同時,也帶來許多資訊安全的問題。政府機關單位及企業為了有效管理內部網路及強化資訊安全,經費足夠的大型組織通常會建置各式資安管控系統,但是導入各項單獨功能非常強大的系統後,由於這些系統通常只會針對本身納管的設備進行管制,缺乏相關機制來找出未受管控的電腦,常常出現各系統的資料不一致的情形,反而增加了管理者的負擔。本研究提出的簡易型資安稽核系統功能雖然不及各項特定領域的系統強大,但是卻能夠提供整合性資訊,輔助管理者了解內部哪些電腦不受到這些系統管控進而加以修正,提升各專業系統的效益。另外針對無充裕經費在資安防護,僅具備基本的微軟作業環境、網域管理伺服器及使用免費防毒軟體的小型組織,我們已實作此系統雛形,證明我們設計與建構之稽核系統能夠滿足管理者的基本管理需求,包括內網端點設備的清查、防毒軟體是否安裝及正常運作、是否定期執行微軟更新及政府組態基準設定抽檢等,且軟硬體建置的成本也非常的低,僅需在現有微軟環境下建置SQL Server搭配現有網域伺服器及免費軟體Nmap、Power BI Desktop即可完成系統建置。
關鍵字:資安稽核、微軟作業環境、資訊整合、低成本建置;With the development of technology, the organization uses computers to replace paper operations and complete the needs of automation, but it also brings a lot of information security problems. In order to manage the internal network and strengthen information security, organizations with sufficient funds usually build various types of information security systems. These systems only control the equipment they manage, there is no relevant mechanism to find out the unmanaged computers, and data is not integrated between systems which increases the burden of managers. Although the function of the simple security audit system proposed in this study is not as powerful as the system in each specific field, it can provide integrated information to help managers understand which computers are not controlled by these systems. Managers can correct these unmanaged computers to improve the effectiveness of information security systems. The research system can help organizations which do not have sufficient funds for security protection, only have a basic Microsoft operating environment, active directory server, we have implemented system to prove our design. The research system can provide the information to meet audit needs, including the inventory of endpoint devices, antivirus software operation status, Microsoft updates status and Government Configuration Baseline setting check, etc. The cost of the research system construction is very low, only need existing Microsoft environment and free software to build.
Keywords:Information security audit, Microsoft environment, information integration, low-cost implementation |
| 顯示於類別: | [資訊管理研究所] 博碩士論文
|
文件中的檔案:
| 檔案 |
描述 |
大小 | 格式 | 瀏覽次數 |
|---|
| index.html | | 0Kb | HTML | 196 | 檢視/開啟 |
|
在NCUIR中所有的資料項目都受到原著作權保護.
|
::: Copyright National Central University. | 國立中央大學圖書館版權所有 | 收藏本站 | 設為首頁 | 最佳瀏覽畫面: 1024*768 | 建站日期:8-24-2009 :::
