| 期刊論文| 1. | Bellovin, S. M.、Bush, R.(2009)。Configuration Management and Security。IEEE Journal on Selected Areas in Communications,27(3),268-274。   | | 2. | Chatzipoulidis, A.、Belidis, A.、Kargidis, T.(2012)。A Risk Management Approach To Information Society。UFV Research Review: A Special Topics Journal,4(3)。 | | 3. | 廖君美(2013)。企業風險管理與資訊安全機制設計。財金資訊季刊,75,27-31。 延伸查詢 | 會議論文| 1. | Alsaleh, M. N.、Al-Shaer, E.(2011)。SCAP Based Configuration Analytics for Comprehensive Compliance Checking。2011 4th Symposium on Configuration Analytics and Automation (SAFECONFIG),(會議日期: Oct. 31 2011-Nov. 1 2011)。IEEE。1-8。 | 圖書| 1. | 行政院國家資通安全會報技術服務中心(2014)。安全控制措施參考指引。 延伸查詢 | | 2. | 行政院國家資通安全會報技術服務中心(2015)。資訊系統分類分級與鑑別機制參考手冊研修規劃。 延伸查詢 | | 3. | Center for Internet Security(2014)。Council on CyberSecurity 2014 Annual Report。 | | 4. | Council on CyberSecurity(2014)。The Critical Security Controls for Effective Cyber Defense。 | | 5. | Ross, R.(2013)。Security And Privacy Controls For Federal Information Systems And Organizations。 | 其他| 1. | International Organization for Standardization(2013)。Information Technology-Security Techniques-Information Security Management Systems- Requirements(ISO/IEC 27001)。,Geneva:International Organization for Standardization。 | | 2. | ISO(2005)。Information Technology--Security Techniques -- Code of Practice for Information Security Controls(ISO/IEC 27002)。 | | 3. | Dave Shackleford(2012)。Secure Configuration Management Demystified,http://www.sans.org/。 | | 4. | SecPod(2012)。CCE-9330-2,http://www.scaprepo.com/control.jsp?command=search&search=CCE-9330-2。 | | 5. | Tom Palmaers(2013)。Implementing a Vulnerability Management Process,http://www.sans.org。 | | 6. | Coverity(2012)。Reduce Your Costs: Eliminate Critical Security Vulnerabilities with Development Testing,http://www.coverity.com/。 | 圖書論文| 1. | Johnson, A.、Dempsey, K.、Ross, R.、Gupta, S.、Bailey, D.(2012)。Guide For Security-Focused Configuration Management of Information Systems。The National Institute of Standards And Technology Special Publication。 | |