Book Introduction
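Since the Information Security Engineer (정보보안기사) certification was converted to a national technical qualification in 2013, it has become an exam that anyone can attempt regardless of their major. In reality, however, the scope of the exam and the nature of the practical question types still make it feel daunting to non-majors and beginners.

This book was written to reduce that difficulty, so that anyone interested in security can prepare systematically for the Information Security Engineer and Industrial Engineer exams. Rather than simply listing complex theory, it is organized around the core concepts and principles the exam requires, in a form that is easy to understand.

The practical exam in particular is hard to prepare for through rote memorization or problem solving alone. Because the same topic can be tested in many different question forms, an accurate understanding of the underlying theory and the ability to apply it in practice are what matter. To that end, this textbook thoroughly analyzes past exam questions to organize the core theory, and includes a rich set of lab screenshots, diagrams, and related images to aid understanding.

We hope this textbook serves as a practical guide for every candidate preparing for the Information Security Engineer and Industrial Engineer exams.

Feature 1. Organized so that readers without a computing or information security background can follow it
To counter the perception that "security is hard," explanations are kept as simple as possible, and many lab screenshots, diagrams, and images chosen with the practical exam in mind are included.

Feature 2. Systematic organization that faithfully reflects the exam standards
The order of explanation has been adjusted in places to suit the learning flow, but all 5 domains of the Information Security Engineer exam (4 domains for the Industrial Engineer exam) are covered.

Feature 3. Analysis of 2013-2025 Information Security Engineer and Industrial Engineer past exam questions
Past practical exam questions for the Engineer and Industrial Engineer exams have been reconstructed as fully as possible and analyzed, and the explanations reflect the trends in what is tested.

Feature 4. A textbook linked to the author's own online lectures
The book is designed for more efficient study through the author's own video lectures (paid), which are linked to this textbook.

Structure and How to Use This Book: Volumes 1-2, Theory
The theory volumes organize the core theory around the areas that carry the most weight in the practical exam. Given the nature of the practical exam, they are structured for understanding-based study rather than rote memorization, and provide a variety of lab screenshots to prepare for descriptive and practical questions. Because the theory is explained on the basis of past exam questions, please study it thoroughly before moving on to problem solving.

Structure and How to Use This Book: Volume 3, Problems
This volume analyzes the 2003-2012 SIS practical exam questions and the Engineer and Industrial Engineer practical exam questions, and includes the problems most likely to appear on the exam. Short-answer, descriptive, and practical problems are balanced, and detailed solutions and supplementary explanations help build the ability to apply what has been learned.

We are deeply grateful to the head of Jian Edu (지안에듀) Publishing and everyone involved for helping bring this textbook to publication. We also thank everyone who took part in the beta test and gave generously of their corrections and advice.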
About the Author
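The author received a master's degree in computer engineering from Sungkyunkwan University. The author worked in the Information Protection Department and the Digital Development Department of the Korean Federation of Community Credit Cooperatives (새마을금고중앙회), and currently works as an information security instructor at Jian Edu (지안에듀). Published works include 《알기사 정보보안기사(산업기사) 실기》 (Algisa Information Security Engineer (Industrial Engineer) Practical Exam).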
Table of Contents
PART 01 System
SECTION 01 System Fundamentals
  01. Windows Fundamentals
  02. UNIX/Linux Fundamentals
  03. UNIX/Linux System Administration
  04. UNIX/Linux Server Security
  05. System Hacking
SECTION 02 UNIX/Linux Server Vulnerabilities
  01. Account Management
  02. File and Directory Management
SECTION 03 Windows Server Vulnerabilities
  01. Account Management
  02. Service Management
  03. Log Management

PART 02 Network
SECTION 04 Network Fundamentals
  01. Networks and Security Threats (Attacks)
  02. The OSI 7 Layer Model
  03. ARP/RARP Protocols
  04. IP (IPv4) Protocol
  05. ICMP Protocol
  06. TCP Protocol
  07. UDP Protocol
  08. Network-Related Technologies
  09. Network Administration Commands
  10. Sniffing Attacks
  11. Port Scanning
  12. Denial of Service (DoS) Attacks
  13. Distributed Denial of Service (DDoS) Attacks
  14. DRDoS (Distributed Reflection DoS)
  15. Wireless LAN Security
SECTION 05 Network Security Protocols
  01. Virtual Private Network (VPN)
  02. IP Security - IPsec (IP Security)
  03. Transport Layer Security - SSL/TLS
SECTION 06 Router Security
  01. Security of the Router Itself
  02. Routers and Access Control (ACL)
  03. Network Security Through the Router

PART 03 Application
SECTION 07 Application Fundamentals
  01. DNS (Domain Name System)
  02. HTTP (Hyper Text Transfer Protocol)
  03. FTP (File Transfer Protocol)
  04. SNMP (Simple Network Management Protocol)
  05. DHCP (Dynamic Host Configuration Protocol)
SECTION 08 Web Application Vulnerabilities
  01. SQL Injection Vulnerability
  02. Cross Site Script (XSS) Vulnerability
  03. Cross Site Request Forgery (CSRF) Vulnerability
  04. Server Side Request Forgery (SSRF) Vulnerability
  05. OS Command Execution Vulnerability
  06. File Upload Vulnerability
  07. File Download Vulnerability
  08. Path Traversal Vulnerability
  09. File Inclusion Vulnerability
  10. URL/Parameter Tampering Vulnerability
  11. Insufficient Session Management Vulnerability
  12. Information Leakage Vulnerability
  13. Other Web Application Vulnerabilities
  14. Development Security Management
SECTION 09 Web Server Vulnerabilities
  01. Directory Listing Vulnerability
  02. Web Service Method Configuration Vulnerability
  03. Administrator Page Exposure Vulnerability
  04. Location Disclosure Vulnerability
  05. Search Engine Information Exposure Vulnerability
  06. Other Web Server Security Measures (Based on Apache)
  07. Web Log Analysis
  08. Building a Security Server
SECTION 10 E-Mail Security
  01. E-Mail System Architecture
  02. SMTP Mail Format
  03. Mail Server (sendmail) Security Configuration
  04. E-Mail Authentication Technologies (Spam Prevention Technologies)
SECTION 11 Database Security
  01. Database Security Threats and Controls
  02. DBMS Security Controls
  03. Database Encryption Technologies
  04. Database (MySQL) Vulnerability Assessment
SECTION 12 Cloud Computing Security
  01. Cloud Computing Overview and Characteristics
  02. Cloud Computing Classification
  03. Cloud-Based Security Services: SecaaS

PART 04 Incident Analysis and Response
SECTION 13 Security Equipment Operation
  01. Snort Intrusion Detection System
  02. iptables Firewall (Intrusion Blocking System)
  03. Types and Characteristics of Security Solutions
  04. Network Security Equipment Operation
  05. Security Solution (Equipment) Vulnerabilities
SECTION 14 System Inspection Tools
  01. Vulnerability Inspection Tools (nessus/nikto)
  02. Integrity Inspection Tool (tripwire)
  03. Rootkit Inspection Tool (chkrootkit)
SECTION 15 Scenarios by Incident Type
  01. Reverse Shell Incident Scenario
  02. Rootkit Incident Scenario
  03. DBD (Drive By Download) Incident Scenario
  04. Malware Behavior Analysis Scenario
  05. Watering Hole Incident Scenario
SECTION 16 Major Vulnerabilities
  01. GNU Bash Vulnerability (ShellShock)
  02. SSL/TLS-Related Vulnerabilities
  03. NTP Distributed Denial of Service (DDoS) Vulnerability
  04. SSDP Distributed Denial of Service (DDoS) Vulnerability

PART 05 General Information Security / Management
SECTION 17 General Information Security / Management
  01. Overview of Information Protection
  02. Access Control
  03. Information Protection Policy
  04. Risk Management
  05. Business Continuity Plan (BCP) / Disaster Recovery Plan (DRP)
  06. Incident Response
  07. Digital Forensics
  08. Common Criteria (CC)
  09. Social Engineering Techniques
  10. Information Security and Personal Information Protection Management System (ISMS-P) Certification

PART 06 Information Security Laws and Regulations
SECTION 18 Information Security Laws and Regulations
  01. Overview of Laws and Regulations
  02. Personal Information Protection Act (effective 2025.10.02.)
  03. Standards for Measures to Ensure the Safety of Personal Information (effective 2025.10.31.)
  04. Act on Promotion of Information and Communications Network Utilization and Information Protection, etc. (effective 2025.10.01.)
  05. Act on the Protection of Information and Communications Infrastructure (effective 2025.01.24.)
  06. Digital Signature Act (effective 2022.10.20.)
  07. Act on the Protection and Use of Location Information (effective 2025.10.01.)

Problems Volume
Section 01 System Security
  01. System Security: Short-Answer
  02. System Security: Descriptive
  03. System Security: Practical
Section 02 Network Security
  01. Network Security: Short-Answer
  02. Network Security: Descriptive
  03. Network Security: Practical
Section 03 Application Security
  01. Application Security: Short-Answer
  02. Application Security: Descriptive
  03. Application Security: Practical
Section 04 Incident Analysis and Response
  01. Incident Analysis and Response: Short-Answer
  02. Incident Analysis and Response: Descriptive
  03. Incident Analysis and Response: Practical
Section 05 General Information Security
  01. General Information Security: Short-Answer
  02. General Information Security: Descriptive
  03. General Information Security: Practical
Section 06 Information Security Management / Laws and Regulations
  01. Information Security Management / Laws and Regulations: Short-Answer
  02. Information Security Management / Laws and Regulations: Descriptive
  03. Information Security Management / Laws and Regulations: Practical

Appendix
  Command Summary