GB/T 22239-2008 Translated English of Chinese Standard. (GBT 22239-2008, GB/T22239-2008, GBT22239-2008): Information security technology - Baseline for classified protection of information system security
https://www.chinesestandard.net, Nov 28, 2015 - Technology & Engineering - 96 pages
This Standard specifies the basic protection requirements for different security protection levels of information system, including basic technical requirements and basic management requirements, which is suitable for guiding the security development, supervision and management of classified information system.
Basic Requirements of Level II
Basic Requirements of Level III
Basic Requirements of Level IV
Basic Requirements of Level V
according anti-malicious code software anti-virus application system audit records audit statement authorized and approved authorizing special department backup and recovery basic security requirements behavior classified protection communication communication protocol computer security conducting configuration database system department or personnel designating or authorizing developing emergency plan encryption ensuring environment establishing security management files function of log-in GB/T identity authentication information information security information system installation integrity IP fragment level assessment level of information log-in failure treatment machine room malicious code library management G2 management G3 network equipment network security network segment network system operation system password power supply relevant departments requirements include responsible restriction and automatic security administrators Security audit security inspection security management system security policy security protection ability security protection level security service provider security technology server session closure special personnel storage system administrators system and database test & acceptance treatment by adopting unauthorized log-in restriction updating user identity