400-626-7377設(shè)置,provisioning。其本來的意思是供應(yīng)
287設(shè)置,provisioning。其本來的意思是供應(yīng)、條款等,在計(jì)算機(jī)中,經(jīng)常翻譯為設(shè)置,例如:The provisioning process completed successfully,設(shè)置過程成功完成。而且對(duì)照A.9.2.1描述,也可以猜測(cè)就是這個(gè)意思。其中有這樣的說法: Providing or revoking access to information or information processing facilities is usually a two step procedure:a) assigning and enabling, or revoking,a user ID;b)providing, or revoking, access rights to such user ID (see 9.2.2)。注意b)提供或撤銷這些用戶ID的訪問權(quán)(見9.2.2),也就是說9.2.2是討論這個(gè)問題的,當(dāng)然,直接看其內(nèi)容也可以判斷。
289本節(jié)在ISO/IEC 27001:2005中為:特權(quán)管理(Privilege management),ISO/IEC 27001:2013改成了Management of privi - 2加在ISO/IEC 27002: 2013的“其他信息”中解釋:Inappropriate use of system administration privileges (any feature or facility of an information system that enables the user to override system or application controls) is a major contributory factor to fail -ures or breaches of systems,大致意思是:系統(tǒng)管理員特權(quán)的不適當(dāng)使用(任何能超越系統(tǒng)或應(yīng)用控制信息系統(tǒng)的特征或便利)是系統(tǒng)失效或違反的主要原因。
