第一章
《计算机安全手册》将术语“计算机安全”定义为 The NIST Computer Security Handbook defines the term computer security as
为实现维护信息系统资源(包括硬件、软件、固件、信息/数据和电信)的完整性、可用性和机密性的适用目标而对自动化信息系统提供的保护
The protection afforded to an automated information system in order to attain the applicable objectives of preserving the integrity, availability, and confidentiality of information system resources (includes hardware,software, firmware, information/data, and telecommunications)
计算机安全的三个关键目标是什么 What are the three key objectives of computer security
机密性、完整性和可用性
Confidentiality, integrity, and availability
被动安全威胁和主动安全威胁的区别是什么 What is the difference between passive and active security threats?
被动攻击与窃听或监视传输有关。电子邮件、文件传输和客户端/服务器交换是可以监控的传输示例。主动攻击包括修改传输的数据和试图未经授权访问计算机系统