没有合适的资源?快使用搜索试试~ 我知道了~
德国BPM关于安全威胁的分类(IT_Baseline_Protection_Manual_New).pdf
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 75 浏览量
2022-01-02
22:23:56
上传
评论
收藏 2.64MB PDF 举报
温馨提示
![preview](https://dl-preview.csdnimg.cn/73197533/0001-5a123610027b4b190adceb42a99eda53_thumbnail.jpeg)
![preview-icon](https://csdnimg.cn/release/downloadcmsfe/public/img/scale.ab9e0183.png)
试读
426页
德国BPM关于安全威胁的分类(IT_Baseline_Protection_Manual_New).pdf
资源推荐
资源详情
资源评论
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![ipynb](https://img-home.csdnimg.cn/images/20210720083646.png)
![7z](https://img-home.csdnimg.cn/images/20210720083312.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![rar](https://img-home.csdnimg.cn/images/20210720083606.png)
![pdf](https://img-home.csdnimg.cn/images/20210720083512.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![zip](https://img-home.csdnimg.cn/images/20210720083736.png)
![exe](https://img-home.csdnimg.cn/images/20210720083343.png)
![](https://csdnimg.cn/release/download_crawler_static/73197533/bg1.jpg)
Threats Catalogue Force majeure Comments
____________________________________________________________________
..........................................
____________________________________________________________________
..........................................
IT Baseline Protection Manual: New 1
T 1
T 1 Threats Catalogue Force Majeure
T 1.1 Loss of personnel
T 1.2
Failure of the IT system
T 1.3
Lightning
T 1.4
Fire
T 1.5
Water
T 1.6
Burning cables
T 1.7
Inadmissible temperature and humidity
T 1.8
Dust, soiling
T 1.9
Loss of data due to intensive magnetic fields
T 1.10
Failure of a wide area network
T 1.11
The effects of catastrophes in the environment
T 1.12
Problems caused by big public events
T 1.13
Storms
T 1.14
Loss of data due to strong light
T 1.15
Degradation due to changing application environment
![](https://csdnimg.cn/release/download_crawler_static/73197533/bg2.jpg)
Threats Catalogue Force majeure Comments
____________________________________________________________________
..........................................
____________________________________________________________________
..........................................
IT Baseline Protection Manual: New 2
T 1.1
T 1.1 Loss of personnel
Illness, accident, death or a strike can result in an unforeseen loss of personnel
resources. It also needs to be borne in mind that when a person terminates his
employment in the normal manner, the remaining time that he is available for
work can be shortened, for example, by his taking holidays during the notice
period.
In all cases, the result may be that critical tasks are no longer performed due to
the loss of manpower in IT applications. This is especially critical if the
person concerned holds a key position in the IT area and cannot be replaced
by alternative staff due to lack of technical expertise. IT operations could be
disrupted as a result.
A loss of personnel resources could also mean that specialist knowledge
and/or secret information is lost, preventing the person’s duties being taken
over by to replacement staff.
Examples:
- Due to prolonged illness, the Network Administrator was away from work.
In the company concerned, at first the network ran without any problems.
However, when the system crashed after two weeks no one was able to sort
out the problem. As a result the network was out of service for several
days.
- While the Administrator was on holiday, it was necessary for backup
purposes to access the backup tapes in the data backup safe. The access
code to the safe had been changed only recently and only the Administrator
knew the new code. It was not possible to restore the data for several days
as it was necessary first to find out the Administrator’s whereabouts.
Key positions in the IT
area
Loss of knowledge and
secret information
![](https://csdnimg.cn/release/download_crawler_static/73197533/bg3.jpg)
Threats Catalogue Force majeure Comments
____________________________________________________________________
..........................................
____________________________________________________________________
..........................................
IT Baseline Protection Manual: New 3
T 1.2
T 1.2 Failure of the IT system
Failure of a single component in an IT system can result in failure of the entire
IT operation. Such failures are especially likely to occur where faults develop
in components which are central to the IT system, e.g. LAN server or data
transmission facilities. Failure of components of the technical infrastructure,
for example air conditioning or power supply facilities, can also help induce
an IT system failure.
Technical failure (e.g. T 4.1 Disruption of power supply) should not
necessarily be assumed to be the cause when an IT system fails. Failures are
often also the result of human error (e.g. T 3.2 Negligent destruction of
equipment or data) or wilful action (e.g. T 5.4 Theft, T 5.91 Sabotage). Loss
or damage can also occur as a result of force majeure (e.g. fire, lightning,
chemical accident), although in such cases the scale of the damage is likely to
be considerably higher.
If any time-critical IT applications are run on an IT system, the consequential
damage following a system failure may be expected to be extensive unless
there are alternatives available.
Examples:
- Due to voltage spikes in the power supply, the power supply unit for an
important IT system is destroyed. As the IT system concerned is an older
model, replacement parts are not available immediately. Repairs take a
whole day to perform and during this time the entire IT operation is at a
standstill.
- Firmware is loaded onto an IT system for which it is unsuited. The IT
system will no longer start without errors and has to be repaired by the
manufacturer.
- A power failure in an internet service provider’s storage system resulted in
this being shut down. Although it was possible to fix the actual error quite
quickly, the IT systems affected would not boot up correctly as there were
inconsistencies in the file system. Several of the web servers operated by
the ISP remained out of action for days until all the consequential problems
had been resolved.
- In electronic archives, it is possible for the date of first archiving to be
misinterpreted as the document creation date if no other procedures for the
introduction of evidence, such as time stamping services, are followed for
certification purposes. This primarily affects business processes into which
the electronic archiving of large quantities of document data is
transparently integrated. In one case, failure of an archive component
meant that archiving of some of the document data was delayed by a day.
Because WORM media were used, the sequence in which the business
documents were physically archived was documented and could therefore
be proven, but the delay that occurred as a result of the failed archived
component was not documented. As a result during a subsequent check it
looked as if the documents had been tampered with after archiving.
Failure of central
components
Technical failure / human
error
Failure of an archive
component
![](https://csdnimg.cn/release/download_crawler_static/73197533/bg4.jpg)
Threats Catalogue Force majeure Comments
____________________________________________________________________
..........................................
____________________________________________________________________
..........................................
IT Baseline Protection Manual: New 4
T 1.3
T 1.3 Lightning
The occurrence of lightning during a thunderstorm is a major threat to a
building and the IT facilities accommodated there. With a voltage of several
hundred thousand volts, lightning strikes can achieve currents of up to
200,000 amperes. This enormous electrical energy is released and dies away
within a period of 50-100 microseconds. A lightning strike of this order of
magnitude originating from a distance of about 2 km will still cause voltage
peaks that are capable of destroying sensitive electronic devices in the power
lines of the building. The closer the lightning strike is, the greater the indirect
damage.
If a building is directly hit by lightning, damage will be caused by the
dynamic energy of the lightning strike. This may include physical damage to
the structure (roof and façade), damage caused by resultant fire, or overvoltage
damage to electric devices.
The German Meteorological Service provides information on the risk of
lightning in the various regions.
Examples:
- At a major German airport there was a lightning strike very close to the air
traffic control tower. Despite the external lightning protection system
(lightning conductor) that had been installed, the automatic fire
extinguishing system in the IT area was triggered and as a result all airport
operations were paralysed for two hours.
- As well as direct damage, lightning often has more far-reaching
consequences. Reports such as that reporting a lightning strike on a high-
voltage line in the vicinity of Darmstadt in April 1999 that resulted in a
short-term power failure affecting around 80,000 persons are quite
common.
Release of electrical
energy
Damage to buildings
![](https://csdnimg.cn/release/download_crawler_static/73197533/bg5.jpg)
Threats Catalogue Force majeure Comments
____________________________________________________________________
..........................................
____________________________________________________________________
..........................................
IT Baseline Protection Manual: New 5
T 1.4
T 1.4 Fire
Apart from the direct damage caused by fire to a building or its equipment,
there may be consequential damage, the impact of which can attain disastrous
dimensions, especially for IT systems. For example, damage from water for
fire fighting does not occur only at the direct site of the fire. Such damage can
also be found in lower parts of the building. The burning of PVC generates
chlorine gases which, when combined with air moisture and the fire-fighting
water, form hydrochloric acid. In the event that such chlorine gases are spread
via the air conditioning system, this may lead to damage of sensitive
electronic devices in other areas far away from the site of the fire. But even
"normal" smoke given off by fire can have harmful effects on IT equipment.
Fires can be caused not only by careless handling of combustible material (e.g.
Christmas candles, welding and soldering work etc.), but also by improper use
of electric devices (e.g. unattended coffee machines, overloading of multiway
socket outlets). Technical faults on electrical equipment can also cause fires.
Factors which help fires to spread include:
- wedging fire doors open
- improper storage of combustible materials
- failure to observe relevant standards and regulations
- absence of fire detection devices
- absence of hand fire extinguishers and automatic quenching systems
- deficient fire prevention (e.g. lack of fire insulation along cable routes).
Examples:
- In the early 90s, a mainframe computer centre in the Frankfurt region was
hit by a disastrous fire, leading to total failure.
- It is an all too common occurrence that small electrical devices such as
coffee machines or halogen lamps are not installed or operated in the
proper manner, causing fires as a result.
剩余425页未读,继续阅读
资源评论
![avatar-default](https://csdnimg.cn/release/downloadcmsfe/public/img/lazyLogo2.1882d7f4.png)
![avatar](https://profile-avatar.csdnimg.cn/d5fa1452106248a4a63014172db25c5d_leavemyleave.jpg!1)
mYlEaVeiSmVp
- 粉丝: 1961
- 资源: 19万+
![benefits](https://csdnimg.cn/release/downloadcmsfe/public/img/vip-rights-1.c8e153b4.png)
下载权益
![privilege](https://csdnimg.cn/release/downloadcmsfe/public/img/vip-rights-2.ec46750a.png)
C知道特权
![article](https://csdnimg.cn/release/downloadcmsfe/public/img/vip-rights-3.fc5e5fb6.png)
VIP文章
![course-privilege](https://csdnimg.cn/release/downloadcmsfe/public/img/vip-rights-4.320a6894.png)
课程特权
![rights](https://csdnimg.cn/release/downloadcmsfe/public/img/vip-rights-icon.fe0226a8.png)
开通VIP
上传资源 快速赚钱
我的内容管理 展开
我的资源 快来上传第一个资源
我的收益
登录查看自己的收益我的积分 登录查看自己的积分
我的C币 登录后查看C币余额
我的收藏
我的下载
下载帮助
![voice](https://csdnimg.cn/release/downloadcmsfe/public/img/voice.245cc511.png)
![center-task](https://csdnimg.cn/release/downloadcmsfe/public/img/center-task.c2eda91a.png)
安全验证
文档复制为VIP权益,开通VIP直接复制
![dialog-icon](https://csdnimg.cn/release/downloadcmsfe/public/img/green-success.6a4acb44.png)