Intermediate information security engineers in the soft exam take the morning exam as the basic knowledge, and the exam time is arranged at 9:00- 1 1:30 in the morning. The knowledge points of the basic knowledge examination for information security engineers are as follows:
1. Basic information security knowledge;
1. 1 information security concept;
1.2 information security laws and regulations;
Current legislative and judicial situation in China;
1.2.2 computer and network security laws and regulations;
1.3 information security management foundation;
1.3. 1 information security management system and policy;
1.3.2 information security risk assessment and management;
1.4 information security standardization knowledge;
1.4. 1 Familiar with the basic knowledge of information security technical standards;
1.4.2 Understand ISO
1.4.3 series of information security standards;
1.5 information security English;
2. Basic knowledge of computer network;
2. 1 computer network architecture;
2.2 Internet protocol;
2.2. 1 network layer protocol;
2.2.2 Transport layer protocol;
2.2.3 Application layer protocol;
3. Cryptography;
3. 1 Basic concepts of cryptography;
3. 1. 1 Cryptography definition;
3. 1.2 cryptosystem;
3. 1.3 classic password;
3.2 block cipher;
3.2. 1 the concept of block cipher;
3 . 2 . 2 DES;
3.2.3 Adverse events;
3 . 2 . 4 SM4;
3.2.5 Block cipher working mode;
3.3 sequence password;
3.3. 1 concept of sequence cipher;
3.3.2 Linear shift register sequence;
3 . 3 . 3 RC4;
3 . 3 . 4 ZUC;
3.4 Hash function;
3.4. The concept of1hash function;
3.4.2 SHA algorithm;
3.4.3 SM3 algorithm;
HMAC;
3.5 public key cryptosystem;
3.5. 1 the concept of public key cryptography;
3.5.2 RSA password;
3.5.3 ElGamal password;
3.5.4 Elliptic curve password;
3.5.5 SM2 elliptic curve public key encryption algorithm;
3.6 Digital signature;
3.6. 1 the concept of digital signature;
3.6.2 Typical digital signature system;
3.6.3 SM2 elliptic curve digital signature algorithm;
3.7 certification;
3.7. 1 certification concept;
Certification;
3.7.3 Message authentication;
3.8 key management;
3.8. 1 key management concept;
3.8.2 Key management of symmetric cipher;
3.8.3 Key management of asymmetric passwords;
4. Network security;
4. 1 Basic concept of network security;
4.2 Network security threats;
4.2. 1 threat source and type;
4.2.2 Website security threats;
4.2.3 Wireless network security threats;
4.3 network security defense;
4.3. 1 network security defense principle;
4.3.2 Basic defense technology;
4.3.3 Security protocol;
4.4 wireless network security;
4.4. 1 Basic knowledge of wireless network;
4.4.2 Wireless network security threats and analysis;
4.4.3 Wireless network security mechanism;
5. Computer security;
5. 1 computer equipment safety;
5. 1. 1 definition of computer security;
5. 1.2 computer system security model and security method;
5. 1.3 electromagnetic leakage and interference;
5. 1.4 physical safety;
5. 1.5 computer reliability technology;
5.2 Operating system security;
5.2. 1 Basic knowledge of operating system security;
5.2.2 Security threats faced by the operating system;
5.2.3 Security model;
5.2.4 Security mechanism of operating system;
5.2.5 Implementation method of operating system security enhancement;
5.3 Security of database system;
5.3. 1 database security concept;
5.3.2 Development course of database security;
5.3.3 Database access control technology;
Database encryption;
5.3.5 Multi-level security database;
5.3.6 Reasoning control of database;
5.3.7 Backup and recovery of database;
5.4 malicious code;
5.4. 1 Definition and classification of malicious code;
5.4.2 Naming rules for malicious codes;
5.4.3 Computer virus;
5.4.4 Network worm;
5.4.5 Trojan horse;
5.4.6 Back door;
5.4.7 Other malicious codes;
5.4.8 Methods of clearing malicious code;
5.4.9 Typical anti-virus technology;
5.5 Computer forensics;
5.5. 1 Basic concepts of computer forensics;
5.5.2 Electronic evidence and its characteristics;
5.5.3 Computer forensics technology;
5.6 embedded system security;
5.6. 1 Basic knowledge of smart card security;
5.6.2 USB Key technology;
5.6.3 Mobile intelligent terminal;
5.6.4 Familiar with the safety problems and solutions of industrial control system;
5.7 cloud computing security;
5.7. 1 Basic knowledge of cloud computing security;
5.7.2 IaaS layer security technology;
5.7.3 PaaS layer security technology;
5.7.4 SaaS layer security technology;
6. Application system security;
6. 1 Web security;
6. 1. 1 Web security threats;
6. 1.2 Web security threat protection technology;
6.2 e-commerce security;
6.2. 1 Basic knowledge of e-commerce security;
6.2.2 Security authentication system of e-commerce;
6.2.3 e-commerce security service agreement;
6.3 information hiding;
6.3. 1 Basic knowledge of information hiding;
6.3.2 Digital watermarking technology;
6.4 Internet public opinion;
6.4. 1 Basic concept of online public opinion? ;
6.4.2 Basic technology of network public opinion;
6.5 Privacy protection;
6.5. 1 Basic knowledge of privacy protection;
6.5.2 Data mining and privacy protection;
6.5.3 Privacy measurement and evaluation standards.
Tips: Due to the constant change and adjustment of examination policies and contents, the above information provided by Hunting Examination Network is for reference only. If you have any objection, please refer to the contents published by the authoritative department!
The following free review materials are introduced: 20 18 Information System project management division First Half Afternoon Zhenti (Summary).
Format: PDF size: 195.6KB Xueba Notes-Collection of System Integration Knowledge Points
Format: postal code:/kloc-0 14663.83KB
If you have questions about the qualification examination, don't know how to summarize the contents of the test center, and don't know the local registration policy, click on the bottom to consult the hunting test network and get the review materials for free.