The information security engineer belongs to the intermediate qualification examination of the soft test, and the examination knowledge of each subject in the examination outline of the information security engineer is as follows:
Examination subject 1: Basic knowledge of information security
1. information security basics
1. 1 information security concept
1.2 information security laws and regulations
China's legislative and judicial status
Computer and network security laws and regulations.
1.3 information security management foundation
1.3. 1 information security management system and policy
1.3.2 information security risk assessment and management
1.4 information security standardization knowledge
1.4. 1 Familiar with the basic knowledge of information security technical standards.
1.4.2 Understanding ISO
1.4.3 information security series standard
1.5 Information Security English
2. Basic knowledge of computer network
2. 1 computer network architecture
2.2 Internet Protocol
2.2. 1 network layer protocol
2.2.2 Transport layer protocol
2.2.3 Application layer protocol
3. Password system
3. 1 Basic concepts of cryptography
3. 1. 1 Cryptography Definition
3. 1.2 Cryptosystem
3. 1.3 classic password
3.2 Block cipher
3.2. 1 the concept of block cipher
2 DES
Adverse event
3.2.4 SM4
3.2.5 Block cipher working mode
3.3 sequence cipher
3.3. The concept of1sequence cipher
3.3.2 Linear shift register sequence
RC4
ZUC
3.4 Hash function
3.4. The concept of1hash function
SHA algorithm
SM3 algorithm
HMAC
3.5 Public Key Cryptosystem
3.5. 1 The concept of public key encryption
RSA password
3.5.3 ElGamal password
Elliptic curve cipher
3.5.5 SM2 elliptic curve public key encryption algorithm
3.6 Digital signature
3.6. 1 the concept of digital signature
3.6.2 Typical Digital Signature System
3.6.3 SM2 Elliptic Curve Digital Signature Algorithm
3.7 certification
3.7. 1 certification concept
3.7.2 Identity authentication
3.7.3 Message authentication
3.8 Key Management
The concept of key management
3.8.2 Key management of symmetric encryption
3.8.3 Key Management of Asymmetric Encryption
4. Network security
4. 1 Basic concept of network security
4.2 Network security threats
4.2. 1 threat source and type
4.2.2 Website security threats
4.2.3 Wireless network security threats
4.3 Network security defense
4.3. 1 network security defense principles
Basic defense technology
safety protocol
4.4 Wireless Network Security
4.4. 1 Basic knowledge of wireless network
4.4.2 Wireless Network Security Threats and Analysis
4.4.3 Security Mechanism of Wireless Network
5. Computer security
5. 1 computer equipment safety
5. 1. 1 Definition of computer security
5. 1.2 computer system security model and security method
5. 1.3 electromagnetic leakage and interference
5. 1.4 physical safety
5. 1.5 computer reliability technology
5.2 Operating System Security
5.2. 1 Basic knowledge of operating system security
5.2.2 Security threats faced by the operating system
Security model
5.2.4 Operating System Security Mechanism
5.2.5 Implementation method of operating system security enhancement
5.3 Security of database system
5.3. 1 database security concept
5.3.2 Development course of database security
5.3.3 Database Access Control Technology
Database encryption
Multilevel security database
5.3.6 Reasoning control of database
Backup and recovery of database
5.4 malicious code
Definition and classification of malicious code
5.4.2 Naming Rules for Malicious Codes
5.4.3 Computer virus
Network worm
5.4.5 Trojan horse
back door
5.4.7 Other malicious codes
5.4.8 Methods of Clearing Malicious Codes
5.4.9 Typical anti-virus technology
5.5 Computer forensics
Basic concepts of computer forensics
5.5.2 Electronic evidence and its characteristics
5.5.3 Computer forensics technology
5.6 Embedded System Security
5.6. 1 Smart card security basics
USB key technology
5.6.3 Mobile intelligent terminal
5.6.4 Familiar with the safety problems and solutions of industrial control system.
5.7 Cloud computing security
5.7. 1 Cloud computing security foundation
5.7.2 IaaS layer security technology
5.7.3 PaaS layer security technology
SaaS layer security technology
6. Application system security
6. 1 network security
6. 1. 1 network security threats
6. 1.2 network security threat protection technology
6.2 e-commerce security
6.2. 1 Basic knowledge of e-commerce security
6.2.2 E-commerce security certification system
6.2.3 E-commerce Security Service Agreement
6.3 information hiding
6.3. 1 Basic knowledge of information hiding
6.3.2 Digital watermarking technology
6.4 Network public opinion
6.4. 1 Basic concept of online public opinion?
6.4.2 Basic Technology of Internet Public Opinion
6.5 Privacy protection
6.5. 1 Basic knowledge of privacy protection
6.5.2 Data Mining and Privacy Protection
6.5.3 Privacy Measurement and Evaluation Standards
Examination subject 2: information security application technology
1. Cryptography application
Implementation of 1. 1 cryptographic algorithm
Application of 1.2 cryptographic algorithm
1.2. 1 Application of typical cryptographic algorithms
1.2.2 block cipher working mode
1.2.3 Application of public key encryption
Application of 1.3 Typical Authentication Protocol
1.3. 1 certification
1.3.2 Application of Typical Authentication Protocol
1.4 key management technology
2. Network security engineering
2. 1 network security requirements analysis and basic design
2.2 Configuration and use of network security products
2.2. 1 network traffic monitoring and protocol analysis
2.2.2 Configuration and use of gateway
2.2.3 Configuration and use of firewall
2.2.4 Configuration and use of intrusion detection system
2.3 the implementation of network security risk assessment
2.3. 1 Basic principles and processes
2.3.2 Work in the identification stage
2.3.3 Work in the risk analysis stage
Risk disposal
2.4 Application of network security protection technology
2.4. 1 Network security vulnerability scanning technology and its application
2.4.2 VPN technology and application
2.4.3 Network Disaster Recovery Backup Technology and Application
Log analysis
3. System safety engineering
3. 1 access control
3. 1. 1 access control technology
3. 1.2 authentication technology?
3.2 Information System Security Requirements Analysis and Design
3.2. 1 Information System Security Requirements Analysis
3.2.2 Security Design of Information System
3.3 Configuration and use of information system security products
3.3. 1 Windows system security configuration
3.3.2 Linux system security configuration
Security configuration of database
3.4 Information System Security Assessment
3.4. 1 Basis and principle of information system security assessment
3.4.2 Information System Security Assessment Method
3.4.3 Information System Security Assessment Process
4. The application of safety engineering
4. 1 Requirements Analysis and Basic Design of Network Security
4. 1. 1 network security threats
4. 1.2 network security threat protection technology
4.2 Demand analysis and basic design of e-commerce security
4.3 Security Application of Embedded System
4.3. 1 embedded system software development
4.3.2 Mobile intelligent terminal
4.4 Application of Digital Watermark in Copyright Protection
4.5 Application of Location Privacy Protection Technology
4.5. 1 Location Privacy Security Threat
4.5.2 Algorithm and Application of Location Privacy k- Anonymous Model
Tips: Due to the constant change and adjustment of examination policies and contents, the above information provided by Hunting Examination Network is for reference only. If you have any objection, please refer to the contents published by the authoritative department!
The following free review materials are introduced: 2022 network planning designer afternoon zhenti
Format: DO size: 2346.3 1KB 2022 shorthand for network engineers-100 Important knowledge points
Format: PDF size: 956.33KB
If you have questions about the qualification examination, don't know how to summarize the contents of the test center, and don't know the local registration policy, click on the bottom to consult the hunting test network and get the review materials for free.