h3crip路由协议配置
I was interviewed on LBC last week about NHSX App, and realised that some people in media struggle a bit “Cryptography”. When the editor called me she said
上周,我在LBC上接受了有关NHSX App的采访,并且意识到一些媒体人士在“加密”方面有些挣扎。 当编辑打电话给我时,她说
“How do you want to introduce yourself — you are a professor of crip-mm-graphy?”
“您想如何自我介绍-您是crip-mm-graphy的教授?”
“No, it’s cryptography”. And then the radio presenter:
“不,这是密码学”。 然后广播主持人:
“And so we have Professor Bill Buchanan, and who is a Professor of Crip-olology … oh, never heard that before”
“所以我们有比尔·布坎南(Bill Buchanan)教授,他是crip-olology的教授……哦,以前从未听说过”
Gulp! I had to correct again.
lp! 我不得不再次纠正。
So, perhaps next time I might introduce myself as a Professor of Cybersecurity, and make things easier. Overall, though, I worried that the media — and the general public — possibly do not what cybersecurity is all about. We thus need to look at our industry and understand how we can better educate others on what we are all about.
因此,也许下次我可能会自我介绍为网络安全教授,并使事情变得简单。 不过,总的来说,我担心媒体和公众可能不会了解网络安全的全部内容。 因此,我们需要审视我们的行业,并了解如何更好地教育他人有关我们的一切。
At the present we are going through a recertification of our MSc programme, and the core knowledge areas are defined as:
目前,我们正在对我们的MSc计划进行重新认证,其核心知识领域定义为:
That is the core — the fundamentals — the equivalent of Ohm’s Law of Cybersecurity. To do an MSc in Cybersecurity, you should be doing these subject. As a professional, too, these should be our common base line knowledge. Then we get desirable areas:
这就是核心-基本原理-等同于欧姆的网络安全法则。 要获得网络安全硕士学位,您应该做这些主题。 作为专业人士,这些也应该是我们的基本基线知识。 然后我们得到了理想的区域:
In the end we have core areas in Category 1, desirable ones in Category 2, and optional areas in Category 3:
最后,我们在类别1中拥有核心领域,在类别2中具有理想的领域,在类别3中具有可选的领域:
52个职位 (52 job roles)
NIST, too show the confusion in the usage of cybersecurity, and in the need to standardize job roles and knowledge areas:
NIST也显示了对网络安全的使用以及对标准化工作角色和知识领域的需求的困惑:
But our current mappings between industry and academia do not quite match up the things that industry would define within jobs roles, where academia often fails to link with professional development. At one time an academic qualification might be the thing that gets you your promotion, but increasingly its more about the knowledge and skills that you have, and your career progression. NIST thus want us all to use the same names for roles, knowledge, skills and abilities, and this will help recruiters to identify the best candidates and for companies to plan their skills development activities.
但是,我们目前在行业和学术界之间的映射与行业在职位职位中定义的定义并不完全匹配,因为学术界通常无法将其与职业发展联系起来。 一次获得学历资格可能是使您晋升的原因,但越来越多的事情涉及您拥有的知识和技能以及您的职业发展。 NIST因此希望我们所有人在角色,知识,技能和能力上使用相同的名称,这将有助于招聘人员确定最佳人选,并帮助公司计划其技能开发活动。
In order to address this NIST has broken the field into categories and then split these into specialty areas, work roles, skills, knowledge areas and abilities.
为了解决此问题,NIST已将该领域分为几类,然后将其划分为专业领域,工作角色,技能,知识领域和能力。
For Cyber Security they define seven categories; 33 speciality areas; and 52 work roles [here], and then map these to 1,007 tasks, 374 skills, 630 knowledge areas and 176 abilities:
对于网络安全,他们定义了七个类别。 33个专业领域; 和52个工作角色 ( 在此处 ),然后将它们映射到1,007个任务,374个技能,630个知识领域和176个能力:
Securely Provision (SP). Risk Management (RSK); Software Development (DEV); Systems Architecture (ARC); Technology R&D (TRD); Systems Requirements Planning (SRP); Test and Evaluation (TST)
安全配置(SP) 。 风险管理(RSK); 软件开发(DEV); 系统架构(ARC); 技术研发(TRD); 系统需求计划(SRP); 测试与评估(TST)
Operate and Maintain (OM). Data Administration (DTA). Knowledge Management (KMG). Customer Service and Technical Support (STS); Network Services (NET); Systems Administration (ADM); Systems Analysis (ANA)
操作和维护(OM) 。 数据管理(DTA)。 知识管理(KMG)。 客户服务和技术支持(STS); 网络服务(NET); 系统管理(ADM); 系统分析(ANA)
Oversee and Govern (OV). Legal Advice and Advocacy (LGA); Training, Education, and Awareness (TEA); Cybersecurity Management (MGT); Strategic Planning and Policy (SPP); Executive Cyber Leadership (EXL); Program/Project Management (PMA) and Acquisition;
监督和治理(OV) 。 法律咨询和倡导(LGA); 培训,教育和意识(TEA); 网络安全管理(MGT); 战略规划和政策(SPP); 行政网络领导(EXL); 计划/项目管理(PMA)和采购;
Protect and Defend (PR). Cybersecurity Defense Analysis (CDA); Cybersecurity Defense Infrastructure Support (INF); Incident Response (CIR); Vulnerability Assessment and Management (VAM)
保护与防御(PR) 。 网络安全防御分析(CDA); 网络安全防御基础架构支持(INF); 事件响应(CIR); 漏洞评估与管理(VAM)
Analyze (AN). Threat Analysis (TWA); Exploitation Analysis (EXP); All-Source Analysis (ASA); Targets (TGT); Language Analysis (LNG).
分析(AN) 。 威胁分析(TWA); 漏洞利用分析(EXP); 全源分析(ASA); 目标(TGT); 语言分析(LNG)。
Collect and Operate (CO). Collection Operations (CLO); Cyber Operational Planning (OPL); Cyber Operations (OPS).
收集和操作(CO) 。 收款业务(CLO); 网络运营计划(OPL); 网络运营(OPS)。
Investigate (IN). Cyber Investigation (INV); Digital Forensics (FOR).
调查(IN) 。 网络调查(INV); 数字取证(FOR)。
结论 (Conclusion)
So, I’m a Professor of Cryptography, but to the media I’m now a Professor of Cybersecurity.
因此,我是密码学教授,但对于媒体而言,我现在是网络安全教授。
翻译自: https://medium.com/asecuritysite-when-bob-met-alice/youre-a-professor-of-crip-ology-d616cc4f8c44
h3crip路由协议配置
580
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
