信息安全技術實用教程(第5版)(微課視頻版)
張同光,張光華,宋麗麗
- 出版商: 電子工業
- 出版日期: 2025-11-01
- 售價: $408
- 語言: 簡體中文
- 頁數: 312
- ISBN: 7121515016
- ISBN-13: 9787121515019
-
相關分類:
Penetration-test
下單後立即進貨 (約4週~6週)
相關主題
商品描述
本書以解決實際信息安全問題為目標,全面介紹了信息安全領域的實用技術,幫助讀者了解信息安全技術體系,掌握維護信息系統安全的常用技術和手段,解決實際信息系統的安全問題,使讀者全方位建立起對信息安全保障體系的認識。本書以理論聯系實際為特點,采用案例引導理論闡述的編寫方法,內容實用、結構清晰、圖文並茂、通俗易懂,力求讓讀者在興趣中學習信息安全技術。本書共8 章,主要內容包括信息安全概述、物理安全技術、基礎安全技術、操作系統安全技術、網絡安全技術1、網絡安全技術2、數據庫系統安全技術和容災與數據備份技術。本書適合作為高等院校計算機及其相關專業學生的教材,也可供培養技能型緊缺人才的機構使用。
目錄大綱
目 錄
第1 章 信息安全概述·····················································································1
1.1 信息安全基本概念···············································································3
1.2 信息安全面臨的威脅············································································4
1.3 信息安全技術體系結構·········································································4
1.3.1 物理安全技術·············································································4
1.3.2 基礎安全技術·············································································5
1.3.3 系統安全技術·············································································5
1.3.4 網絡安全技術·············································································6
1.3.5 應用安全技術·············································································8
1.4 新興安全技術趨勢············································································.13
1.5 安全系統設計原則············································································.14
1.6 人、制度與技術之間的關系································································.15
1.7 本書實驗環境··················································································.16
習題1 ··································································································.19
第2 章 物理安全技術··················································································.21
2.1 物理安全概述··················································································.21
2.2 環境安全························································································.22
2.3 設備安全························································································.28
2.4 電源系統安全··················································································.29
2.5 通信線路安全··················································································.33
2.6 物聯網設備的物理安全······································································.37
2.7 數據中心物理安全············································································.37
習題2 ··································································································.38
第3 章 基礎安全技術··················································································.39
3.1 實例——使用加密軟件PGP Desktop ·····················································.39
3.2 密碼技術························································································.50
3.2.1 明文、密文、算法與密鑰··························································.50
3.2.2 密碼體制················································································.51
3.2.3 古典密碼學·············································································.51
3.2.4 量子密碼學·············································································.52
3.2.5 同態加密················································································.53
3.2.6 多方安全計算··········································································.53
3.3 用戶密碼的破解···············································································.54
3.3.1 實例——使用工具盤破解Windows 用戶密碼··································.54
3.3.2 實例——使用john 破解Windows 用戶密碼····································.54
3.3.3 實例——使用john 破解Linux 用戶密碼········································.55
3.4 文件加密························································································.57
3.4.1 實例——用對稱加密算法加密文件···············································.57
3.4.2 對稱加密算法··········································································.59
3.4.3 實例——用非對稱加密算法加密文件············································.60
3.4.4 非對稱加密算法·······································································.63
3.4.5 混合加密················································································.65
3.5 數字簽名························································································.65
3.5.1 數字簽名概述··········································································.65
3.5.2 實例——數字簽名····································································.66
3.5.3 基於區塊鏈的數字簽名技術·······················································.68
3.6 PKI 技術························································································.69
3.7 實例——構建基於Windows 的CA 系統················································.73
習題3 ··································································································.90
第4 章 操作系統安全技術············································································.93
4.1 操作系統安全基礎············································································.93
4.1.1 容器安全················································································.93
4.1.2 微內核操作系統安全································································.94
4.1.3 可信執行環境··········································································.94
4.2 Metasploit ·······················································································.95
4.3 實例——入侵Windows 10 1703 ···························································.96
4.4 實例——入侵Ubuntu 14.04·································································107
4.5 實例——入侵Windows Server 2008 R2 ··················································110
4.6 實例——入侵Windows XP SP3····························································115
4.7 自主訪問控制與強制訪問控制·····························································117
4.8 信息安全評估標準············································································118
習題4 ··································································································119
第5 章 網絡安全技術1 ················································································121
5.1 網絡安全形勢··················································································121
5.2 黑客攻擊簡介··················································································122
5.2.1 黑客與駭客·············································································122
5.2.2 黑客攻擊的目的和手段·····························································122
5.2.3 黑客攻擊的步驟·······································································122
5.2.4 主動信息收集··········································································123
5.2.5 被動信息收集··········································································125
5.2.6 滲透測試執行標準····································································127
5.3 實例——端口與漏洞掃描及網絡監聽····················································128
5.4 緩沖區溢出·····················································································137
5.4.1 實例——緩沖區溢出及其原理·····················································137
5.4.2 實例——緩沖區溢出攻擊Windows XP SP3 ····································140
5.4.3 實例——緩沖區溢出攻擊Windows 10 1703 ····································156
5.4.4 緩沖區溢出攻擊的防範措施·······················································181
5.5 DoS 與DDoS 攻擊············································································182
5.5.1 DDoS 攻擊工具·······································································182
5.5.2 實例——緩沖區溢出DoS 攻擊····················································186
5.5.3 DoS 與DDoS 攻擊的檢測與防範·················································187
習題5 ··································································································188
第6 章 網絡安全技術2 ················································································190
6.1 ARP 欺騙和中間人攻擊·····································································190
6.1.1 實例——ARP 欺騙···································································190
6.1.2 實例——中間人攻擊(ARPspoof) ··············································193
6.1.3 實例——中間人攻擊(Bettercap-CLI) ·········································197
6.1.4 實例——中間人攻擊(Bettercap-Web UI)·····································203
6.1.5 ARP 欺騙的原理與防範·····························································209
6.2 防火墻技術·····················································································210
6.3 入侵檢測技術··················································································212
6.3.1 實例——使用Snort 進行入侵檢測················································212
6.3.2 入侵檢測技術概述····································································216
6.4 入侵防禦技術··················································································218
6.5 計算機病毒·····················································································219
6.6 特洛伊木馬·····················································································220
6.6.1 特洛伊木馬的基本概念·····························································220
6.6.2 實例——反向連接木馬······························································222
6.7 網頁病毒、網頁掛馬·········································································225
6.8 VPN 技術·······················································································225
6.9 實例——HTTP 隧道技術····································································226
6.10 蜜罐技術······················································································229
6.11 實例——在Kali Linux 中創建Wi-Fi 熱點·············································230
6.12 實例——使用Aircrack-ng 破解Wi-Fi 密碼············································233
6.13 實例——無線網絡安全配置······························································236
6.14 SDN 安全······················································································238
6.15 NFV 安全······················································································239
6.16 5G 網絡安全··················································································240
6.17 零信任網絡···················································································241
習題6 ··································································································242
第7 章 數據庫系統安全技術·········································································244
7.1 SQL 註入攻擊和暴庫········································································244
7.2 實例——註入攻擊SQL Server ·····························································245
7.3 實例——註入攻擊Access···································································252
7.4 實例——使用SQLmap 進行SQL 註入··················································257
7.5 實例——使用SQLmap 手動註入外部網站·············································263
7.6 實例——使用SQLmap 自動註入外部網站·············································267
7.7 如何防範SQL 註入攻擊·····································································268
7.8 常見的數據庫安全問題及安全威脅·······················································270
7.9 數據庫系統安全框架、機制和需求·······················································271
7.10 數據庫系統安全管理原則·································································275
7.11 數據庫加密技術·············································································276
7.12 數據庫審計與監控··········································································277
7.13 分布式數據庫安全··········································································278
習題7 ··································································································279
第8 章 容災與數據備份技術·········································································281
8.1 容災技術························································································281
8.1.1 容災技術概述··········································································281
8.1.2 RAID 簡介·············································································291
8.1.3 數據恢復工具··········································································295
8.2 數據備份技術··················································································295
8.2.1 數據備份的基本概念································································295
8.2.2 雲環境下的容災與備份·····························································299
8.2.3 數據去重與壓縮技術································································300
8.2.4 數據備份的自動化與智能化·······················································301
習題8 ··································································································302
參考文獻·····································································································303
