{"id":177,"date":"2023-11-19T10:54:49","date_gmt":"2023-11-19T01:54:49","guid":{"rendered":"https:\/\/yokohama-infosec-consulting-service.net\/?p=177"},"modified":"2024-11-23T21:44:58","modified_gmt":"2024-11-23T12:44:58","slug":"csirtcomputer-security-incident-response-team","status":"publish","type":"post","link":"https:\/\/yokohama-infosec-consulting-service.net\/?p=177","title":{"rendered":"CSIRT(Computer Security Incident Response Team)"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u554f\u984c\u767a\u751f\u6642\u306e\u5bfe\u5fdc\u65b9\u6cd5\u3068\u4f53\u5236\u306e\u5728\u308a\u65b9<\/h2>\n\n\n\n<p>\u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f\u5e38\u306b\u8105\u5a01\u306b\u3055\u3089\u3055\u308c\u3066\u3044\u308b\u70ba\u3001\u554f\u984c\u306f\u5927\u306a\u308a\u5c0f\u306a\u308a\u767a\u751f\u3057\u3046\u308b\u3082\u306e\u3068\u3057\u3066\u3068\u3089\u3048\u3001\u4ee5\u4e0b\u306e\u5bfe\u5fdc\u3092\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u4f46\u3057\u3001\u7406\u60f3\u7684\u306a\u4f53\u5236\u306f\u304b\u306a\u308a\u5927\u304d\u306a\u3082\u306e\u3068\u306a\u3063\u3066\u3057\u307e\u3046\u305f\u3081\u3001\u305d\u306e\u7d44\u7e54\u306e\u898f\u6a21\u3001\u4e8b\u696d\u5185\u5bb9\u306b\u3088\u3063\u3066\u3001\u5f79\u5272\u3092\u62c5\u3046\u4eba\u306e\u517c\u52d9\u3084\u5185\u90e8\u3001\u5916\u90e8\u306e\u4f7f\u3044\u5206\u3051\u3092\u8003\u616e\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>\u554f\u984c\u304c\u767a\u751f\u3057\u3065\u3089\u3044\u53d6\u308a\u7d44\u307f<\/li>\n\n\n\n<li>\u767a\u751f\u3057\u305f\u969b\u306e\u8fc5\u901f\u306a\u691c\u77e5\u30fb\u5bfe\u5fdc\u304c\u53d6\u308c\u308b\u4f53\u5236\u306e\u69cb\u7bc9<\/li>\n\n\n\n<li>\u554f\u984c\u767a\u751f\u5f8c\u306f\u5bfe\u51e6\u5f8c\u306e\u6559\u8a13\u3092\u53d6\u308a\u51fa\u3059\u4ed5\u7d44\u307f\u306e\u4f5c\u6210<br><\/li>\n<\/ul>\n\n\n\n<p>\u53c2\u8003\u306b\u3059\u3079\u304d\u306f\u7c73\u56fd\u306e\u51fa\u3057\u3066\u3044\u308b\u4ee5\u4e0b\u306e\u30c9\u30ad\u30e5\u30e1\u30f3\u30c8\u3067\u3042\u308b\u3002<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><strong>\u539f\u3000\u3000\u5178<\/strong><\/p>\n\n\n\n<p>NIST SP 800-61 Rev.2 Computer Security Incident Handling Guide<\/p>\n\n\n\n<p><a href=\"https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-61r2.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-61r2.pdf<\/a><\/p>\n\n\n\n<p><br><strong>\u65e5\u672c\u8a9e\u8a33<\/strong><\/p>\n\n\n\n<p>\u72ec\u7acb\u884c\u653f\u6cd5\u4eba\u60c5\u5831\u51e6\u7406\u63a8\u9032\u6a5f\u69cb \u30b3\u30f3\u30d4\u30e5\u30fc\u30bf\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5bfe\u5fdc\u30ac\u30a4\u30c9Rev1<\/p>\n\n\n\n<p><a href=\"https:\/\/www.ipa.go.jp\/security\/reports\/oversea\/nist\/ug65p90000019cp4-att\/000025343.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.ipa.go.jp\/security\/reports\/oversea\/nist\/ug65p90000019cp4-att\/000025341.pdf<\/a><\/p>\n<\/blockquote>\n\n\n\n<p>\u65e5\u672c\u3067\u306f\u4ee5\u4e0b\u306b\u4f53\u5236\u306e\u69cb\u7bc9\u65b9\u6cd5\u304c\u8aac\u660e\u3055\u308c\u3066\u3044\u308b\u3002<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><br>\u65e5\u672c\u30b7\u30fc\u30b5\u30fc\u30c8\u5354\u8b70\u4f1a CSIRT\u4eba\u6750\u306e\u5b9a\u7fa9\u3068\u78ba\u4fdd Ver2.1<\/p>\n\n\n\n<p><a href=\"https:\/\/www.nca.gr.jp\/activity\/imgs\/recruit-hr20201211.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/www.nca.gr.jp\/activity\/imgs\/recruit-hr20201211.pdf<\/a><\/p>\n<\/blockquote>\n\n\n\n<p><\/p>\n\n\n\n<h2 class=\"wp-block-heading\">1. \u30b0\u30eb\u30fc\u30d7\u5206\u985e<\/h2>\n\n\n\n<p>\u6700\u4f4e\u9650\u306f\u4ee5\u4e0b\u306e5\u30b0\u30eb\u30fc\u30d7\u304c\u5fc5\u8981\u3002<br><\/p>\n\n\n\n<p><strong>\u517c\u4efb\u30b0\u30eb\u30fc\u30d7\uff11[G1]\uff08\u9023\u7d61\u30fb\u5168\u4f53\u7d71\u62ec\uff09<\/strong><br>\u3000\u793e\u5916PoC \uff1a\u81ea\u7d44\u7e54\u5916\u9023\u7d61\u62c5\u5f53<br>\u3000\u793e\u5185PoC \uff1a\u81ea\u7d44\u7e54\u5185\u9023\u7d61\u62c5\u5f53<br>\u3000\u30ea\u30fc\u30ac\u30eb\u30a2\u30c9\u30d0\u30a4\u30b6\u30fc\uff1a\u30ea\u30fc\u30ac\u30eb\u30a2\u30c9\u30d0\u30a4\u30b9\u62c5\u5f53<br>\u3000\u30ce\u30fc\u30c6\u30a3\u30d5\u30a3\u30b1\u30fc\u30b7\u30e7\u30f3\u62c5\u5f53\uff1a\u81ea\u7d44\u7e54\u5185\u8abf\u6574\u30fb\u60c5\u5831\u767a\u4fe1\u62c5\u5f53\u3001 IT \u90e8\u9580\u8abf\u6574\u62c5\u5f53<br>\u3000\u30b3\u30de\u30f3\u30c0\u30fc\uff1aCSIRT \u5168\u4f53\u7d71\u62ec\u62c5\u5f53<br>\u3000\u30a4\u30f3\u30d9\u30b9\u30c6\u30a3\u30b2\u30fc\u30bf\u30fc\uff1a\u8abf\u67fb\u30fb\u635c\u67fb\u62c5\u5f53<br>\u3000\u30c8\u30ea\u30a2\u30fc\u30b8\u62c5\u5f53\uff1a\u512a\u5148\u9806\u4f4d\u9078\u5b9a\u62c5\u5f53<\/p>\n\n\n\n<p><strong>\u517c\u4efb\u30b0\u30eb\u30fc\u30d7\uff12[G2]\uff08SOC\uff09<\/strong><br>\u3000\u30ea\u30b5\u30fc\u30c1\u30e3\u30fc\uff1a\u60c5\u5831\u53ce\u96c6\u62c5\u5f53<br>\u3000\u30ad\u30e5\u30ec\u30fc\u30bf\u30fc\uff1a\u60c5\u5831\u5206\u6790\u62c5\u5f53<br>\u3000\u30d5\u30a9\u30ec\u30f3\u30b8\u30c3\u30af\u62c5\u5f53<\/p>\n\n\n\n<p><strong>\u517c\u4efb\u30b0\u30eb\u30fc\u30d7\uff13[G3]\uff08\u30bb\u30ad\u30e5\u30c6\u30a3\u6226\u7565\u30fb\u88fd\u54c1\u8a55\u4fa1\uff09<\/strong><br>\u3000\u8106\u5f31\u6027\u8a3a\u65ad\u58eb\uff1a\u8106\u5f31\u6027\u306e\u8a3a\u65ad\u30fb\u8a55\u4fa1\u62c5\u5f53<br>\u3000\u30bd\u30ea\u30e5\u30fc\u30b7\u30e7\u30f3\u30a2\u30ca\u30ea\u30b9\u30c8\uff1a\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u6226\u7565\u62c5\u5f53<\/p>\n\n\n\n<p><strong>\u517c\u4efb\u30b0\u30eb\u30fc\u30d7\uff14[G4]\uff08\u8cc7\u7523\u7ba1\u7406\u30fb\u6559\u80b2\uff09<\/strong><br>\u3000\u30bb\u30eb\u30d5\u30a2\u30bb\u30b9\u30e1\u30f3\u30c8\u62c5\u5f53<br>\u3000\u6559\u80b2\u62c5\u5f53\uff1a\u6559\u80b2\u30fb\u5553\u767a\u62c5\u5f53<\/p>\n\n\n\n<p><strong>\u517c\u4efb\u30b0\u30eb\u30fc\u30d7\uff15[G5]\uff08\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5bfe\u5fdc\uff09<\/strong><br>\u3000\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u30de\u30cd\u30fc\u30b8\u30e3\u30fc\uff1a\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u7ba1\u7406\u62c5\u5f53<br>\u3000\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u30cf\u30f3\u30c9\u30e9\u30fc\uff1a\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u51e6\u7406\u62c5\u5f53<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">2. \u7d44\u7e54\u9593\u306e\u6d41\u308c<\/h2>\n\n\n\n<h4 class=\"wp-block-heading\">2.1 \u6e96\u5099\u6642<\/h4>\n\n\n\n<p>G1 \u2192 G3<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><br>2.2 \u901a\u5e38\u6642<\/h4>\n\n\n\n<p>G4<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><br>2.3 \u767a\u751f\u6642<\/h4>\n\n\n\n<p>G1 \u2192 G5 \u2192 G2<\/p>\n\n\n\n<h4 class=\"wp-block-heading\"><br>2.4 \u5bfe\u5fdc\u6642<\/h4>\n\n\n\n<p>G1 \u2192 G3 \u2192 G4<\/p>\n","protected":false},"excerpt":{"rendered":"\u30b5\u30a4\u30d0\u30fc\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u554f\u984c\u767a\u751f\u6642\u306e\u5bfe\u5fdc\u65b9\u6cd5\u3068\u4f53\u5236\u306e\u5728\u308a\u65b9 \u30a4\u30f3\u30bf\u30fc\u30cd\u30c3\u30c8\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f\u5e38\u306b\u8105\u5a01\u306b\u3055\u3089\u3055\u308c\u3066\u3044\u308b\u70ba\u3001\u554f\u984c\u306f\u5927\u306a\u308a\u5c0f\u306a\u308a\u767a\u751f\u3057\u3046\u308b\u3082\u306e\u3068\u3057\u3066\u3068\u3089\u3048\u3001\u4ee5\u4e0b\u306e\u5bfe\u5fdc\u3092\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002\u4f46\u3057\u3001\u7406\u60f3\u7684\u306a\u4f53\u5236\u306f\u304b\u306a\u308a\u5927\u304d [&hellip;]","protected":false},"author":1,"featured_media":422,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[],"class_list":["post-177","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-knowledge"],"_links":{"self":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/177","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=177"}],"version-history":[{"count":20,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/177\/revisions"}],"predecessor-version":[{"id":467,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/posts\/177\/revisions\/467"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=\/wp\/v2\/media\/422"}],"wp:attachment":[{"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=177"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=177"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/yokohama-infosec-consulting-service.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=177"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}