찾아보니 TTA에서 악성코드 감염 예방을 위한 지침이라는 표준문서를 발간했었군요
구글링 시 다음 검색어 사용: 악성코드감염예방을위한지침 TTA
또는 아래 링크
아래와 같은 목차이고, 내용을 훑어보니 악성코드와 안티바이러스에 대한 개념을 잡기에도 좋은 자료로 보입니다
목 차
1. 개요 ········································································································································ 1
2. 표준의 구성 및 범위 ·········································································································· 2
3. 악성 코드 개요 ···················································································································· 2
3.1 악성 코드 정의 ············································································································ 2
3.2 악성 코드 분류 ············································································································ 4
3.2.1 바이러스 ·············································································································· 5
3.2.2 웜(Worm) ············································································································ 7
3.2.3 트로이 목마(Trojan horse) ············································································ 8
3.2.4 악성 코드의 주요 기능적 속성 ······································································ 8
3.3 악성 코드 동작 원리 ································································································ 10
3.3.1 악성 코드 감염 순서 ····················································································· 10
3.3.2 악성 코드 감염 경로 ····················································································· 12
3.3.3 악성 코드 감염 증상 및 피해 ····································································· 14
3.4 악성 코드 대응 - 백신 프로그램 ·········································································· 17
3.4.1 백신 프로그램의 정의 ··················································································· 17
3.4.2 백신 프로그램의 탐지 기술 ········································································· 18
3.4.3 백신 프로그램의 동작 원리 ········································································· 19
3.4.4 백신 프로그램의 종류 및 선택 ··································································· 19
3.4.5 백신 프로그램 사용상의 주의점 ································································· 20
4. 악성 코드 방지 지침 ········································································································ 21
4.1 시스템 사용자 관리 지침 ························································································ 22
4.1.1 소프트웨어 관리 ····························································································· 22
4.1.2 운영 관리 ········································································································· 22
4.1.3 사후 지침 ········································································································· 23
4.2 시스템 관리자 관리 지침 ························································································ 24
4.2.1 소프트웨어 관리 ····························································································· 24
4.2.2 컴퓨터 관리 ····································································································· 24
4.2.3 네트워크 관리 ································································································· 25
4.2.4 운영 관리 ········································································································· 25
4.2.5 경영 관리적 지침 ··························································································· 25
4.2.6 사후 검색 ········································································································· 26
정보통신단체표준(국문표준)
- 2 - TTAK.KO-12.0010/R2
4.2.7 사용자 교육 ····································································································· 26
4.2.8 기록 ··················································································································· 26
4.3 악성 코드의 일반적인 예방 수칙 ·········································································· 27
4.3.1 악성 코드 예방 수칙 ····················································································· 27
4.3.2 취약성 제거 ··································································································· 30
4.4 비상시 대응 지침 ······································································································ 31
4.4.1 감시 ··················································································································· 31
4.4.2 비상시 대응책 ································································································· 32
부록 1. 악성 봇 개요 ············································································································ 33
부록 2. 악성 코드의 발전 단계 ·························································································· 36
부록 3. 참고 문헌 ·················································································································· 43
'Work Log > As Cybersecurity Consultant' 카테고리의 다른 글
| NoSQL 도입 시 고려해야 할 사항들 (0) | 2013.05.07 |
|---|---|
| [Lessons Learned] APIPA(Automatic Private IP Addressing)의 고려 (0) | 2013.05.05 |
| [Lessons Learned] UAC(User Account Control) 관련 (0) | 2013.05.04 |
| 시스템의 총 전력 요구사항 계산 / 전력량 계산 방법 (0) | 2013.05.04 |
| 안전한 인터넷 사용을 위한 주의사항 - 허위 메시지(Hoax)에 속지 않기 위해서는 (0) | 2012.10.28 |