Abstract
Information security risk evaluation is an important part of security risk management and an important means of protecting the security of information systems. Network multiple scan tools can be used to carry out effective security risk evaluation of an information system and thereby maintain its security. The paper first presents a classification of security scanning techniques and the concept of network multiple scan, and introduces commonly used network multiple scan tools. It then describes the methods, process and tools of information security risk evaluation. Finally, it presents the principle of implementing information system security risk evaluation with network multiple scan tools, and tests it with the scanner X-Scan.
Source
《计算机安全》
2009, No. 3, pp. 18-20, 23 (4 pages in total)
Network & Computer Security
Keywords
Information Security
Multiple Scan
Risk Evaluation
Security Scan
Vulnerability Scan