Part 1 Information Security
Written from the standpoint of securing the confidentiality, integrity, and availability of information, this part covers the goals of information security, its necessity, risk factors, response procedures, adaptive security, convergence security, security frameworks, and security governance. [21 related topics]
Part 2 Cryptography
A core area of the security field. This part lets you grasp the mathematical theories and principles applied in cryptography, and study the development of ciphers, how the various cryptographic algorithms applied in the information society are used, digital signatures, digital envelopes, and so on. [32 related topics]
Part 3 Security Threats
Security threat factors that can arise on a network or system, and the countermeasures for them, are written up as model answers so that they are easy to approach. This area always appears on the exam, so please study it with particular attention. [57 related topics]
Part 4 Information Security for Enterprises and Individuals, Authentication
This part covers not only an enterprise's administrative, physical, and technical information security measures but also information protection measures for individuals, authentication methods that use cryptographic algorithms when using a system, and access control. [48 related topics]
Part 5 Network Security
Technologies that prevent network security threats at the system or management level, intelligent CCTV, and network separation technologies are written up as model answers for study. [30 related topics]
Part 6 System Security
From a system operations standpoint, you can study security issues that can arise in hardware, software, and firmware, cloud security, technologies that prevent security threats in wireless environments, and forensics. [29 related topics]
Part 7 Ensuring the Integrity of Transmitted Data
This part explains, with actual examples, how to ensure integrity when data is transmitted between sender and receiver, and is written so that you can study with a focus on understanding. [4 related topics]
PART 1 Information Security
1. Data and Information; Characteristics of Information
2. Goals of Information Security
3. Components of Information Technology, Characteristics of the Information Society, and Adverse Effects of Informatization
4. Necessity of Information Security
5. Risk Factors in Information Security
6. Modification and Fabrication
7. Information Security Countermeasures
8. Conditions of Information Security, Threat Types, and Security Systems
9. Scope of Information Security; Classification of Technologies
10. Adaptive Security Architecture
11. Convergence Security
12. Endpoint Security
13. X.800, the OSI Security Architecture
14. Core Principles of Information Security Proposed by NIST (the U.S. industry standards body)
15. Security Cycle
16. Security Framework; Threat Response Procedures
17. Deterrent Control, Detective Control, Corrective Control, and Preventive Control in Information Security
18. The Three Main Objectives of Information Security and Attack Methods That Can Threaten Each
19. Information Leakage Occurring in Business Operations: Incident Types by DBMS, Network, File (or Document), etc., and Security Technologies for Keeping Them Safe
20. Security Governance
21. The Six Principles, Core Processes, and Main Components of Information Security Governance under the International Standard (ISO)
PART 2 Cryptography
22. Encryption
23. Development of Cipher Methods (Ancient, Modern, Contemporary)
24. Mathematical Theories of Modern Cryptography
- Divisors & multiples, greatest common divisor, coprime numbers, the Euclidean algorithm, prime numbers (prime factorization), modular arithmetic, residue systems, Euler's theorem, Fermat's theorem
25. Prove the principle of the Euclidean algorithm as applied in cryptography, and use it to find the greatest common divisor of (252, 198).
26. Use Fermat's little theorem to show that the operation holds.
27. Cipher Techniques - Substitution, Transposition, and Product Ciphers
28. Block Cipher and Stream Cipher Techniques
29. Symmetric-Key and Asymmetric-Key Cryptosystems
30. Foundations of Modern Cryptography: Structure of the Feistel Cipher and Its Encryption and Decryption Processes
31. The f Function and S-Box in the Feistel Cipher Structure
32. Block Ciphers: Comparison of the Feistel Cipher Structure and SPN (Substitution Permutation Network)
33. AES (Advanced Encryption Standard) Encryption
34. SEED, a Korean Domestic Encryption Algorithm
35. ARIA (Academy Research Institute Agency), a Korean Domestic Encryption Algorithm
36. Advantages and Disadvantages of the DES and AES Ciphers
37. Operation and Pros and Cons of the ECB and CBC Modes of Operation in Block Encryption
38. Block Cipher Mode - ECB (Electric Code-Book) Mode
39. CBC (Cipher Block Chaining) Mode
40. Using the following components, explain the encryption and decryption process of the block cipher mode CFB (Cipher Feedback) Mode.
41. OFB (Output Feedback) Mode
42. CTR (CounTeR) Mode
43. Public-Key Encryption (Classification of Cipher Techniques)
44. In the RSA public-key cryptosystem, when the sender's secret key is (p=7, q=11) and the sender's public key (Ke) is 13, find the receiver's private key (Kd).
45. Explain public-key encryption, and explain the RSA encryption and decryption process when the secret key is (p=3, q=11) and the plaintext is M=5.
46. Characteristics of Hash Functions
47. Hash Values and Hash Functions: Distinction, Types, and Uses
48. HMAC (Hash-based Message Authentication Code)
49. Explain message authentication techniques and digital signature techniques, and explain their similarities and differences.
50. Digital Signature
51. Digital Signature Methods Using Asymmetric Keys (Public-Key Cryptography)
52. Explain at least two digital signature schemes that use the RSA cryptosystem.
53. Digital Envelope
PART 3 Security Threats
54. Hacking Attacks
55. Ethical Hacker
56. Hacking
57. Worm
58. Trojan Horses: Characteristics, Infection Vectors, Operating Process, Comparison, and Hacking Techniques
59. Virus
60. Malware
61. Types of Malware (Malicious Programs) and Countermeasures
62. Malware Attack Types and Prevention
63. Malware Analysis and Detection Techniques
64. Key-Logger
65. Sniffing
66. Sniffing and Spoofing
67. Referring to the figure below, explain an example of an ARP (Address Resolution Protocol) spoofing attack and the countermeasures against ARP spoofing attacks.
68. Detection of and Countermeasures against ARP Spoofing Attacks
69. IP Spoofing, ICMP Redirect, DNS Spoofing
70. Phishing
71. Active Phishing
72. Spear Phishing
73. Phishing and Pharming
74. Phishing Attack Types and Countermeasures
75. Pharming Attack Types and Countermeasures; Comparison with Phishing
76. Exploit Attack
77. Ransomware
78. Ransomware and Pharming
79. Explain preventive and after-the-fact countermeasures against ransomware attacks from technical and administrative perspectives.
80. Explain ransomware and RaaS (Ransomware as a Service).
81. Spyware
82. Malvertising
83. Botnet
84. Explain the Mirai botnet.
1) Concept of the Mirai botnet
2) Security threats and solutions at each stage of the IoT service life cycle
3) The seven common security principles for IoT
85. DDoS Attack Countermeasures (Session 1 type)
86. DDoS (Session 2 type)
87. The following figure shows a case of a denial-of-service (DDoS, Distributed Denial of Service) attack. Explain the following about DDoS.
a. Concept of the attack technique in the above case
b. The attack technique in the above case
c. Security measures against the attack technique
88. DrDOS
89. PDoS (Permanent DoS)
90. The Four-Level Addressing Scheme (Specific/Port/Logical/Physical Address) in Internet Protocols and the Spoofing Threats That Can Arise at Each Level
91. Rootkit
92. Session Hijacking Attack
93. APT (Advanced Persistent Threat) Attack Techniques and Countermeasures
94. DNS (Domain Name Server) Sinkhole
95. SQL Injection Attack Techniques
96. XSS (Cross Site Scripting); Comparison with CSRF
97. CSRF (Cross-Site Request Forgery)
98. Differences between TCP and UDP, 3-Way Handshaking, and Solutions to the SYN Attack
99. Buffer Overflow Vulnerabilities (with Sample Code) and Countermeasures
100. Memory Hacking
101. Key Behavioral Characteristics of Security Threats Carried Out by Organizational Insiders
102. Zombie PC
103. Detection, Analysis, and Removal of Zombie PCs
104. Stuxnet
105. Dark Web
106. Malicious AP (Access Point)
107. War-Dialing, War-Driving
108. Zero Day Attack
109. To secure software against attacks that exploit software vulnerabilities, security techniques must be applied at each development stage. Present and explain the security techniques applicable at each stage of software development.
110. Security Threats to Drones and Countermeasures
PART 4 Information Security for Enterprises and Individuals, Authentication
111. Digital Ethics and Personal Information Protection
112. Information Security Management and Policy
113. Enterprise Information Security
114. The Necessity of Information Security and the Benefits to Enterprises of Practicing It
115. Key Terms in Information Security Management
116. ISO 27000 Family
117. ISMS-P Certification Criteria
118. ISMS-P Certification Scheme
119. ISO 27001 (ISMS - Information Security Management System)
120. Documents Required for Security Evaluation and Certification of Information Security Systems
121. CC Evaluation and Certification Procedure and the Tasks at Each Stage
122. CC (Common Criteria)
123. Privacy Impact Assessment (PIA): Purpose, Assessment Targets, Assessment Stages, and Assessment Procedure
124. PMS (Patch Management System)
125. Risk Management Approaches for Enterprise Information Security
126. Composition and Role of the Enterprise Wide Security Oversight Committee
127. CPO (Chief Privacy Officer)
128. CISO (Chief Information Security Officer)
129. The Eight OECD Principles of Personal Information Protection
130. With personal information leaks recently occurring one after another in various fields, the "eight privacy principles" of the Organisation for Economic Co-operation and Development (OECD) are drawing renewed attention. These eight principles are an international standard reflecting the international community's consensus on the collection and management of personal information; they are not legally binding but are recognized as general principles. Compare and explain the OECD eight privacy principles and the Personal Information Protection Act.
131. The Concept of Personal Information and the Stage-by-Stage Principles for Processing Personal Information When Sharing and Opening Public Information
132. ISO/IEC 27018
133. As services that use personal information have recently increased, protecting personal information is becoming more important. In this regard, explain each of the following: the 11 privacy principles of ISO/IEC 29100, and certification and assessment of personal information protection systems under ISO/IEC 27701.
134. Measures to Ensure the Safety of Personal Information
135. Explain the following items concerning personal information protection.
a. Definition of personal information and causes of leakage
b. Generation criteria and components for each approach to generating misuse and abuse detection scenarios (4W1H, data life cycle)
c. Examples for each approach to generating misuse and abuse detection scenarios
136. Define PPDM (Privacy Preserving Data Mining), one of the methods designed to use an individual's information while still protecting that individual's privacy, and explain its techniques.
137. Pseudonymization and Anonymization Techniques for Personal Information
138. K-Anonymity, a Privacy Protection Model
139. Privacy By Design
140. CCL (Creative Commons License)
141. SSO (Single Sign On) (Session 1 type)
142. SSO (Single Sign On) (Session 2 type)
143. Physical, Administrative, and Technical Controls for Access Control
144. Access Control Procedures
145. Types of Access Control in Information Security
146. Kerberos Authentication Protocol
147. AAA (Authentication, Authorization, Accounting)
148. Explain the following about identification and authentication.
a. Definitions of and differences between personal identification and user authentication
b. Security requirements for user authentication
c. The four types by authentication method and the characteristics of each
149. Challenge-Response Authentication
150. Characteristics of Biometric Recognition Techniques and Multimodal Biometric Technology
151. I-PIN 2.0
152. PKI (Public Key Infrastructure)
153. Shadow IT
154. OTP (One Time Password): Components and Synchronous/Asynchronous Operation
155. Smart OTP (One Time Password)
156. CAPTCHA
157. DLP (Data Loss Prevention)
158. Comparison of DRM (Digital Rights Management) and DLP (Data Loss Prevention)
PART 5 Network Security
159. Firewall
160. WAF (Web Application Firewall)
161. Configuration Types of Intrusion Blocking Systems (Firewalls)
162. Spam Filter
163. Execution Stages of an Intrusion Detection System (IDS)
164. Methods of Collecting Suspicious Packets Using an Intrusion Detection System (IDS)
165. Anomaly Detection and Misuse Detection
166. Comparison of Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS)
167. Technologies Applied in VPN (Virtual Private Network)
168. VPN (Virtual Private Network) (Session 2 type)
169. Compare and explain VPNs (Virtual Private Networks) by implementation method and service type, and explain the SSL VPN method.
170. Detailed Structure of IPSec AH and ESP and the Security Purpose of Each Field
171. SET (Secure Electronic Transaction) and SSL (Secure Socket Layer)
172. EAM (Enterprise Access Management)
173. ESM (Enterprise Security Management)
174. UTMS (Unified Threat Management System)
175. RMS (Risk Management System)
176. Cyber Blackbox
177. Honey Pot: Operating Principle, Composition, and Main Functions
178. Normal TCP 3-Way Handshaking, the TCP SYN Attack Method, and Solutions
179. Ways to Counter a TCP SYN Attack with an L7 Switch
180. NAC (Network Access Control) (Session 1 type)
181. NAC (Network Access Control) (Session 2 type)
182. IAM (Identity Access Management)
183. Intelligent CCTV
184. Explain measures for protecting personal video information from closed-circuit television (CCTV) at an integrated CCTV control center.
185. Explain the concept and background of SOAR (Security Orchestration, Automation and Response), its components, main functions, expected benefits, and considerations when adopting it.
186. Cyber Kill Chain
187. Network Separation
188. Network Separation Security Issues and Countermeasures
PART 6 System Security
189. TEE/SEE (Trusted Execution Environment/Secure)
190. TPM (Trusted Platform Module)
191. Trust Zone
192. Zero Trust Security Model
193. Security MCU (Security Micro Control Unit)
194. Security Threats to Wireless LAN (Local Area Network)
195. Wireless LAN Security (Session 2 type)
196. IEEE 802.11i
197. WIPS (Wireless Intrusion Preventing System)
198. Gray Hacker
199. Smart Work Security Issues and How to Address Them
200. Cloud Computing
201. Multi-Tenancy Security in Cloud Computing
202. ISO/IEC 27017
203. CSAP (Cloud Security Assurance Program)
204. DB (Data Base) Security
205. Secure Coding
206. Software Security Testing Methodology
207. Implementation Strategies and Development Methods for a Security Kernel in an Operating System
208. Smart Grid Security
209. File Slack
210. Digital Forensics
211. Computer Forensics
212. Smartphone Forensics
1) Smartphone forensic data and procedures
2) Methods of extracting data from a smartphone
213. Explain the need for digital forensics from the perspectives of incident response and digital audit, and explain the digital forensics procedure and the technologies used.
214. Anti-Forensics
215. OWASP (Open Web Application Security Project) - Web App. Security
216. Present the security threats to and security requirements of the smart factory, and explain the security measures for each security requirement.
217. Explain the roles and responsibilities of a company's cybersecurity organization, distinguishing between normal times and emergencies.
PART 7 Ensuring the Integrity of Transmitted Data
218. Hamming Code: Error Detection and Correction Methods, and Applications
219. The Forward Error Detection Procedure as a Diagram, and the Process of Computing a CRC (Cyclic Redundancy Check) Value
220. Single-Bit Error Detection and Correction Using Two-Dimensional Even Parity
221. Internet Checksum Generation and Verification Process