Polisi Keselamatan Siber JPA Versi 2.1
4 Polisi Keselamatan Siber – Jabatan Perkhidmatan Awam | Versi 2.1 3.7 Polisi Meja Kosong Dan Skrin Kosong ............................................................................. 73 3.8 Penempatan dan Perlindungan aset ICT ......................................................................... 74 3.9 Keselamatan Aset di Luar Pejabat .................................................................................... 75 3.10 Media Storan ......................................................................................................................... 76 3.11 Perkhidmatan Sokongan ..................................................................................................... 77 3.12 Keselamatan Pengkabelan ................................................................................................ 78 3.13 Penyelenggaraan Peralatan .............................................................................................. 78 3.14 Pelupusan atau Penggunaan Semula Peralatan ......................................................... 79 BAB 4 : KAWALAN TEKNOLOGI ....................................................................................................... 81 4.1 Aset ICT Pengguna ................................................................................................................ 82 4.2 Kebenaran Hak Akses .......................................................................................................... 84 4.3 Kawalan Akses Maklumat ................................................................................................... 85 4.4 Akses Kepada Kod Sumber ................................................................................................ 86 4.5 Pengesahan Selamat ( Secure Authentication ) .............................................................. 87 4.6 Pengurusan Kapasiti .............................................................................................................. 88 4.7 Perlindungan Terhadap Perisian Hasad (Malware) ....................................................... 89 4.8 Pengurusan Teknikal Ke Atas Kerentanan ..................................................................... 91 4.9 Pengurusan Konfigurasi ...................................................................................................... 93 4.10 Penghapusan Maklumat ..................................................................................................... 94 4.11 Penyembunyian Data (Data Masking) ............................................................................. 95 4.12 Pencegahan Kebocoran Data (Data Leakage Prevention) ........................................ 96 4.13 Sandaran Maklumat (Information Backup) ................................................................... 97 4.14 Redundancy bagi Kemudahan Pemprosesan Maklumat .......................................... 97 4.15 Merekodkan Log (Logging) ............................................................................................... 98 4.16 Aktiviti Pemantauan ............................................................................................................ 99 4.17 Penyelarasan Jam ................................................................................................................ 101 4.18 Penggunaan Program Utiliti Khas .................................................................................. 101 4.19 Instalasi Perisian ................................................................................................................. 102 4.20 Keselamatan Rangkaian .................................................................................................... 102 4.21 Keselamatan Perkhidmatan Rangkaian ........................................................................ 104 4.22 Pengasingan Rangkaian ................................................................................................... 105 4.23 Kawalan Penapisan Web ................................................................................................... 106 4.24 Penggunaan Kriptografi .................................................................................................... 106 4.25 Kitaran Hayat Pembangunan Yang Selamat ................................................................ 108 4.26 Keperluan Keselamatan Sistem Aplikasi ...................................................................... 109 4.27 Prinsip Kejuruteraan dan Arkitektur Sistem yang Selamat (Secure Sistem ....... 111
Made with FlippingBook
RkJQdWJsaXNoZXIy MTc1NDAy