Current location - Quotes Website - Signature design - What are the knowledge points of the information security engineer exam?
What are the knowledge points of the information security engineer exam?
The intermediate information security engineer exam of soft exam includes two subjects: basic knowledge and applied technology, and the knowledge points of each subject are different. The basic knowledge test questions are objective multiple-choice questions, and the applied technology test questions are subjective questions.

The information security engineer belongs to the intermediate qualification examination of the soft test, and the examination knowledge of each subject in the examination outline of the information security engineer is as follows:

Examination subject 1: Basic knowledge of information security

1. information security basics

1. 1 information security concept

1.2 information security laws and regulations

China's legislative and judicial status

Computer and network security laws and regulations.

1.3 information security management foundation

1.3. 1 information security management system and policy

1.3.2 information security risk assessment and management

1.4 information security standardization knowledge

1.4. 1 Familiar with the basic knowledge of information security technical standards.

1.4.2 Understanding ISO

1.4.3 information security series standard

1.5 Information Security English

2. Basic knowledge of computer network

2. 1 computer network architecture

2.2 Internet Protocol

2.2. 1 network layer protocol

2.2.2 Transport layer protocol

2.2.3 Application layer protocol

3. Password system

3. 1 Basic concepts of cryptography

3. 1. 1 Cryptography Definition

3. 1.2 Cryptosystem

3. 1.3 classic password

3.2 Block cipher

3.2. 1 the concept of block cipher

2 DES

Adverse event

3.2.4 SM4

3.2.5 Block cipher working mode

3.3 sequence cipher

3.3. The concept of1sequence cipher

3.3.2 Linear shift register sequence

RC4

ZUC

3.4 Hash function

3.4. The concept of1hash function

SHA algorithm

SM3 algorithm

HMAC

3.5 Public Key Cryptosystem

3.5. 1 The concept of public key encryption

RSA password

3.5.3 ElGamal password

Elliptic curve cipher

3.5.5 SM2 elliptic curve public key encryption algorithm

3.6 Digital signature

3.6. 1 the concept of digital signature

3.6.2 Typical Digital Signature System

3.6.3 SM2 Elliptic Curve Digital Signature Algorithm

3.7 certification

3.7. 1 certification concept

3.7.2 Identity authentication

3.7.3 Message authentication

3.8 Key Management

The concept of key management

3.8.2 Key management of symmetric encryption

3.8.3 Key Management of Asymmetric Encryption

4. Network security

4. 1 Basic concept of network security

4.2 Network security threats

4.2. 1 threat source and type

4.2.2 Website security threats

4.2.3 Wireless network security threats

4.3 Network security defense

4.3. 1 network security defense principles

Basic defense technology

safety protocol

4.4 Wireless Network Security

4.4. 1 Basic knowledge of wireless network

4.4.2 Wireless Network Security Threats and Analysis

4.4.3 Security Mechanism of Wireless Network

5. Computer security

5. 1 computer equipment safety

5. 1. 1 Definition of computer security

5. 1.2 computer system security model and security method

5. 1.3 electromagnetic leakage and interference

5. 1.4 physical safety

5. 1.5 computer reliability technology

5.2 Operating System Security

5.2. 1 Basic knowledge of operating system security

5.2.2 Security threats faced by the operating system

Security model

5.2.4 Operating System Security Mechanism

5.2.5 Implementation method of operating system security enhancement

5.3 Security of database system

5.3. 1 database security concept

5.3.2 Development course of database security

5.3.3 Database Access Control Technology

Database encryption

Multilevel security database

5.3.6 Reasoning control of database

Backup and recovery of database

5.4 malicious code

Definition and classification of malicious code

5.4.2 Naming Rules for Malicious Codes

5.4.3 Computer virus

Network worm

5.4.5 Trojan horse

back door

5.4.7 Other malicious codes

5.4.8 Methods of Clearing Malicious Codes

5.4.9 Typical anti-virus technology

5.5 Computer forensics

Basic concepts of computer forensics

5.5.2 Electronic evidence and its characteristics

5.5.3 Computer forensics technology

5.6 Embedded System Security

5.6. 1 Smart card security basics

USB key technology

5.6.3 Mobile intelligent terminal

5.6.4 Familiar with the safety problems and solutions of industrial control system.

5.7 Cloud computing security

5.7. 1 Cloud computing security foundation

5.7.2 IaaS layer security technology

5.7.3 PaaS layer security technology

SaaS layer security technology

6. Application system security

6. 1 network security

6. 1. 1 network security threats

6. 1.2 network security threat protection technology

6.2 e-commerce security

6.2. 1 Basic knowledge of e-commerce security

6.2.2 E-commerce security certification system

6.2.3 E-commerce Security Service Agreement

6.3 information hiding

6.3. 1 Basic knowledge of information hiding

6.3.2 Digital watermarking technology

6.4 Network public opinion

6.4. 1 Basic concept of online public opinion?

6.4.2 Basic Technology of Internet Public Opinion

6.5 Privacy protection

6.5. 1 Basic knowledge of privacy protection

6.5.2 Data Mining and Privacy Protection

6.5.3 Privacy Measurement and Evaluation Standards

Examination subject 2: information security application technology

1. Cryptography application

Implementation of 1. 1 cryptographic algorithm

Application of 1.2 cryptographic algorithm

1.2. 1 Application of typical cryptographic algorithms

1.2.2 block cipher working mode

1.2.3 Application of public key encryption

Application of 1.3 Typical Authentication Protocol

1.3. 1 certification

1.3.2 Application of Typical Authentication Protocol

1.4 key management technology

2. Network security engineering

2. 1 network security requirements analysis and basic design

2.2 Configuration and use of network security products

2.2. 1 network traffic monitoring and protocol analysis

2.2.2 Configuration and use of gateway

2.2.3 Configuration and use of firewall

2.2.4 Configuration and use of intrusion detection system

2.3 the implementation of network security risk assessment

2.3. 1 Basic principles and processes

2.3.2 Work in the identification stage

2.3.3 Work in the risk analysis stage

Risk disposal

2.4 Application of network security protection technology

2.4. 1 Network security vulnerability scanning technology and its application

2.4.2 VPN technology and application

2.4.3 Network Disaster Recovery Backup Technology and Application

Log analysis

3. System safety engineering

3. 1 access control

3. 1. 1 access control technology

3. 1.2 authentication technology?

3.2 Information System Security Requirements Analysis and Design

3.2. 1 Information System Security Requirements Analysis

3.2.2 Security Design of Information System

3.3 Configuration and use of information system security products

3.3. 1 Windows system security configuration

3.3.2 Linux system security configuration

Security configuration of database

3.4 Information System Security Assessment

3.4. 1 Basis and principle of information system security assessment

3.4.2 Information System Security Assessment Method

3.4.3 Information System Security Assessment Process

4. The application of safety engineering

4. 1 Requirements Analysis and Basic Design of Network Security

4. 1. 1 network security threats

4. 1.2 network security threat protection technology

4.2 Demand analysis and basic design of e-commerce security

4.3 Security Application of Embedded System

4.3. 1 embedded system software development

4.3.2 Mobile intelligent terminal

4.4 Application of Digital Watermark in Copyright Protection

4.5 Application of Location Privacy Protection Technology

4.5. 1 Location Privacy Security Threat

4.5.2 Algorithm and Application of Location Privacy k- Anonymous Model

Tips: Due to the constant change and adjustment of examination policies and contents, the above information provided by Hunting Examination Network is for reference only. If you have any objection, please refer to the contents published by the authoritative department!

The following free review materials are introduced: 2022 network planning designer afternoon zhenti

Format: DO size: 2346.3 1KB 2022 shorthand for network engineers-100 Important knowledge points

Format: PDF size: 956.33KB

If you have questions about the qualification examination, don't know how to summarize the contents of the test center, and don't know the local registration policy, click on the bottom to consult the hunting test network and get the review materials for free.