sigurnost raČunarskih mreŽa (srm) - dragan...
TRANSCRIPT
![Page 1: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/1.jpg)
SIGURNOST RAČUNARSKIH MREŽA (SRM)
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
Tema 15:
Planiranje održanja kontinuiteta posla i oporavka od nesreća
![Page 2: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/2.jpg)
URLs:
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
2
� Zvanična Web strana: www.viser.edu.rs/predmeti.php?id=122
� Dodatni resursi: www.conwex.info/draganp/teaching.html
� Knjige:
www.conwex.info/draganp/books.html
� Teme za seminarske radove:www.conwex.info/draganp/SRM_seminarski_radovi.html
![Page 3: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/3.jpg)
Napomena
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
3
� Ovo je skraćena verzija prezentacije / predavanja na temu“Planiranje održanja kontinuiteta posla i oporavka od
nesreća”
![Page 4: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/4.jpg)
Planiranje održanja kontinuiteta posla i oporavka od nesreća
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
4
� Sadržaj poglavlja i predavanja:� 15.1 Planiranje održanja kontinuiteta posla
� 15.2 Planiranje oporavka od nesreće
� 15.3 Rezervne kopije podataka
� 15.4 Forenzička analiza
![Page 5: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/5.jpg)
Quote
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
5
"Just because the river is quiet does not mean the crocodiles have left.”
– Malay proverb
![Page 6: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/6.jpg)
Potrebna predznanja
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
6
� Programiranje
� Za primenu:
� Računarske mreže i protokoli
� Operativni sistemi
� Sistemsko programiranje
� Strukture i modeli podataka, baze podataka
![Page 7: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/7.jpg)
BC i DR Planning
� Business Continuity and Disaster recoveryplanning are processes that help organizations prepare for disruptive events
� Business Continuity and Disaster recovery refers to an organization’s ability to recover from a unexpected event and/or disaster and resume or continue operations. Organizations should have a plan in place (usually referred to as a „Business Continuity Plan“ or „Disaster Recovery Plan“) that outlines how this will be accomplished. The key to successful disaster recovery is to have a plan (emergency plan, disaster recovery plan, continuity plan) well before disaster ever strikes.
7Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
![Page 8: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/8.jpg)
Planiranje održanja kontinuiteta posla
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
8
� Planiranje održanja kontinuiteta posla (engl. Business Continuity Planning)� Sposobnost organizacije da se oporavi od nesreće ili neočekivanog
remetilačkog događaja i nastavi rad.
� Planiranje i stvaranje strukture koja će obezbediti nastavak posla u slučaju nesreće ili remetilačkog događaja� pripremu i testiranje radnji neophodnih za zaštitu ključnih poslovnih procesa od
posledica velikih sistemskih i mrežnih kvarova.
� Odnosi se na sve važne oblasti obrade informacija u kompaniji, štorecimo uključuje, ali nije ograničeno na:� servere, storage sisteme
� telekomunikacione veze i veze za prenos podataka
� najbitnije radne stanice, prostor za rad, aplikacije i podatke
� proizvodne i poslovne procese.
![Page 9: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/9.jpg)
Planiranje održanja kontinuiteta posla…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
9
� Remetilački događaj� bilo koja namerna ili nenamerna povreda sigurnosti kojom se
obustavlja tok normalnih operacija� prirodno izazvani (viša sila):
� požari, eksplozije, ili izlivanje materija opasnih po okolinu,
� zemljotresi, oluje, poplave i požari usled prirodnih nepogoda,
� nestanci struje ili drugi kvarovi.
� koje izazivaju ljudi� podmetanje bombi, sabotaža ili drugi namerni napadi,
� štrajkovi i druge poslovne aktivnosti,
� nedostupnost zaposlenih ili operatera zbog hitne evakuacije
� kvarovi komunikacione infrastrukture ili zastoji nastali njenim ispitivanjem.
![Page 10: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/10.jpg)
Standard BS 25999
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
10
� British Standards Institution (BSI), BS 25999
� Produced by the British Standards Institution (BSI), BS 25999 is a Business Continuity Management (BCM) standard in two parts.
� “BS 25999-1:2006 Business Continuity Management. Code of Practice”, takes the form of general guidance and seeks to establish processes, principles and terminology for Business Continuity Management.
� “BS 25999-2:2007 Specification for Business Continuity Management”, specifies requirements for implementing, operating and improving a documented Business Continuity Management System (BCMS), describing only requirements that can be objectively and independently audited.
![Page 11: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/11.jpg)
Standard ISO/IEC 27031:2011
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
11
� ISO/IEC 27031:2011 - Information technology -- Security techniques --Guidelines for information and communication technology readiness for business continuity� Abstract :
� ISO/IEC 27031:2011 describes the concepts and principles of information and communication technology (ICT) readiness for business continuity, and provides a framework of methods and processes to identify and specify all aspects (such as performance criteria, design, and implementation) for improving an organization's ICT readiness to ensure business continuity. It applies to any organization (private, governmental, and non-governmental, irrespective of size) developing its ICT readiness for business continuity program (IRBC), and requiring its ICT services/infrastructures to be ready to support business operations in the event of emerging events and incidents, and related disruptions, that could affect continuity (including security) of critical business functions. It also enables an organization to measure performance parameters that correlate to its IRBC in a consistent and recognized manner.
� The scope of ISO/IEC 27031:2011 encompasses all events and incidents (including security related) that could have an impact on ICT infrastructure and systems. It includes and extends the practices of information security incident handling and management and ICT readiness planning and services.
![Page 12: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/12.jpg)
Planiranje održanja kontinuiteta posla
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
12
� Životni ciklus procesa planiranja kontinuiteta posla
![Page 13: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/13.jpg)
Planiranje održanja kontinuiteta posla...
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
13
![Page 14: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/14.jpg)
Planiranje oporavka od nesreće
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
14
� Planiranje oporavka od nesreće (engl. Disaster Recovery Planning)
� Omogućavanje implementacije važnih procesa na drugom(rezervnom) mestu, i vraćanje na prvobitno mesto i obradu u što kraćem vremenskom okviru.
� Više načina:� recipročna pomoć
� vrelo, toplo i hladno mesto
� više centara
![Page 15: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/15.jpg)
Planiranje oporavka od nesreće
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
15
� Uzajamna (recipročna) pomoć� obe strane se dogovaraju da podržavaju jedna drugu u slučaju
remetilačkog događaja.
� sporazum se pravi na bazi pretpostavke da će svaka odorganizacija članica sporazuma, biti u mogućnosti da podrži onudrugu u trenutku kada se ukaže potreba
� druga kompanija treba da ima slične hardverske ili softverskekonfiguracije, komunikacionu infrastrukturu kao i vašaorganizacija.
![Page 16: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/16.jpg)
Planiranje oporavka od nesreće…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
16
� Vrelo mesto (engl. hot site) � “The very best of” tj. najbolje rešenje, ali ima veliku cenu
� potpuno konfigurisana kompjuterizovana lokacija sa sopstvenim napajanjem, HVAC (Heating, Ventilating, and Air Conditioning), i funkcionalnim serverima datoteka / štampača i radnim stanicama.
� Aplikacije su instalirane su na serverima i radnim stanicama i redovno se ažuriraju da bi imitirali produkcioni sistem.
� Teoretski, osoblje može da ušeta, odradi zadnji restore sainkrementalnog backupa i započe normalne operacije za veoma kratkovreme.
![Page 17: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/17.jpg)
Planiranje oporavka od nesreće…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
17
� Hladno mesto (engl. cold site) � najmanje spremno od sve tri opcije
� verovatno se najčešće koristi (prvenstveno zbog niske cene). � soba sa napajanjem i HVAC-om
� na mestu ne postoji nikakav kompjuterski hardver
� spremno je za unos računarske opreme u vanrednoj situaciji
� aplikacije će morati da budu instalirane i tekući podaci vraćeni sa rezrevnih kopija
![Page 18: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/18.jpg)
Planiranje oporavka od nesreće…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
18
� Toplo mesto (engl. warm site) � Zlatna sredina
� kompjuterizovana lokacija, sa sopstvenim napajanjem i HVAC,
� Može imati servere datoteka / štampača, ali ne i čitav skup radnih stanica
� Aplikacije nisu instalirane
� Da bi se na ovom tipu mesta omogućila udaljena obrada, radne staniceće morati da budu isporučene brzo, a aplikacije i njihovi podaci moraćeda se vrate sa rezervnih kopija.
![Page 19: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/19.jpg)
Arhiviranje i rezervne kopije
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
19
� Arhiviranje i backup su veoma značajni� neophodno za oba procesa
� arhiviranje – podaci korisnika radnih stanica� dužnost zaposlenih, tj. korisnika
� backup – OS, mreža (npr. Active Directory), aplikacije od značaja, servisi, podaci� dužnost administratora
� Softver� Linux – dosta besplatnih alata. U krajnjem slučaju, tar i cpio + cron mogu sasvim
korisno poslužiti.
� Windows – ima komercijalnih i besplatnih alata, kao i alata koji su sastavni deo operativnog sistema.
![Page 20: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/20.jpg)
Računarska forenzička analiza
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
20
� Sigurnost kao proces:� Procena
� Zaštita
� Otkrivanje
� Odgovor� “zakrpi i nastavi” ili
� “goni i sudi”
� Odgovor “goni i sudi” zahteva primenu forenzičke analize za prikupljanjedokaza.
![Page 21: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/21.jpg)
Računarska forenzička analiza
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
21
� Razlikuje se od klasične forenzičke analize
� Digitalni dokazi mnogo ranjiviji od fizičkih� veštom napadaču mnogo lakše da ukloni tragove svog delovanja
� nepažljivo ili nestručno sprovođenje istrage takođe može rezultirati gubitkom ključnih podataka
� za utvrđivanje postojanja dokaza potrebno je sprovesti sveobuhvatnu analizu računarskog sistema i mreže.
![Page 22: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/22.jpg)
Računarska forenzička analiza…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
22
� Proces forenzičke analize� Prikupljanje podataka i dokaza
� live system acquisition – memory dump� npr. linux: pregledati fajlove /dev/mem i /proc/kcore
� disk data acquisition� npr. windows: recycle bin, registry, temp, sys.vol.info
� decryption / cryptanalysis
� Analiza dokaznih materijala� Analiza vremenskog redosleda događaja
� Analiza skrivenih podataka
� Analiza aplikacija i datoteka
� Analiza vlasništva
![Page 23: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/23.jpg)
Računarska forenzička analiza…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
23
� Forenzički alati� The Sleuth Kit / Autopsy Browser
� analiza sadrža direktorijuma, uključujući i izbrisane datoteke,
� analiza sadržaja datoteka (u ASCII ili hex formatu, moguća ekstrakcija delovadatoteka),
� praćenje vremenskog redosleda događaja na osnovu vremena pristupa i izmene objekata,
� pretraživanje sadržaja na osnovu regularnih izraza,
� analiza metapodataka u sistemu datoteka, itd.
![Page 24: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/24.jpg)
TSK
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
24
![Page 25: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/25.jpg)
Računarska forenzička analiza…
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
25
� Forenzički alati� Helix CD
� varijacija Knoppixa prilagođena forenzici
� Podiže se sa CD-a, ne ostavlja tragove niti obavlja bilo kakve izmene nasistemu koji se analizira (što se i očekuje od ozbiljnog forenzičkog alata)
� sadrži gomilu forenzičkih alata uključujući TSK
� omogućava Live Acquisition na Windows sistemima
� ono što je BackTrack za pen.test, to je Helix za forenzičar
� www.e-fense.com/helix/
![Page 26: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/26.jpg)
Helix
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
26
![Page 27: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/27.jpg)
Literatura
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
27
� D. Pleskonjić, N. Maček, B. Đorđević, M. Carić: “Sigurnost računarskih sistema i mreža”, Mikro knjiga, Beograd, 2007., ISBN: 978-86-7555-305-2, knjiga – udžbenik
� www.conwex.info/draganp/books_SRSiM.html
� www.mikroknjiga.rs/store/prikaz.php?ref=978-86-7555-305-2
� Za predavanje 15:
� Poglavlje 15: Planiranje održanja kontinuiteta posla i oporavka od nesreća
![Page 28: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/28.jpg)
Literatura - nastavak
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
28
� D. Pleskonjić, B. Đorđević, N. Maček, Marko Carić: “Sigurnost računarskih mreža”, Viša elektrotehnička škola, Beograd, 2006., ISBN 86-85081-16-5, knjiga - udžbenik
� D. Pleskonjić, B. Đorđević, N. Maček, Marko Carić: “Sigurnost računarskih mreža - priručnik
za laboratorijske vežbe”, Viša elektrotehnička škola, Beograd, 2006., ISBN 86-85081-49-1
� D. Pleskonjić, B. Đorđević, N. Maček, Marko Carić: “Sigurnost računarskih mreža - zbirka
rešenih zadataka”, Viša elektrotehnička škola, Beograd, 2006., ISBN 86-85081-55-6
www.conwex.info/draganp/books.html
![Page 29: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/29.jpg)
Dodatna literatura
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
29
� Applied Cryptography
Bruce Schneier
John Wiley & Sons, 1995
� Cryptography and Network Security
William StallingsPrentice Hall, 1998
� The CISSP Prep Guide – Mastering the Ten Domains of Computer Security
Ronald L. Krutz, Russell Dean VinesJohn Wiley & Sons, 2001
Druge knjige i razni online resursi
� Napomena: tokom predavanja će biti naglašena dodatna literatura, po potrebi.
![Page 30: SIGURNOST RAČUNARSKIH MREŽA (SRM) - Dragan …dragan-pleskonjic.com/wp-content/uploads/2017/01/SRM_Predavanje_… · ISO/IEC 27031:2011 describes the concepts and principles of](https://reader034.vdocuments.site/reader034/viewer/2022042801/5a8653017f8b9ac96a8d0724/html5/thumbnails/30.jpg)
Pitanja
Copyright © 2005-2011 Dragan Pleskonjic. All Rights Reserved.
30
?