This Standard specifies the testing and evaluation approaches for network vulnerability scanners that adopt Transmission Control Protocol and Internet Protocol (TCP/IP). This Standard is applicable to the testing and evaluation, R and D and application of security products for manual or automatic network vulnerability scan on computer information system. This Standard is not applicable to products specialized for vulnerability scan on database system.
Basic Data
Standard ID
GB/T 20280-2006 (GB/T20280-2006)
Description (Translated English)
Information security technology -- Testing and evaluation approaches for network vulnerability scanners
Sector / Industry
National Standard (Recommended)
Classification of Chinese Standard
L80
Classification of International Standard
35.040
Word Count Estimation
41,488
Date of Issue
2006-05-31
Date of Implementation
2006-12-01
Quoted Standard
GB/T 5271.8-2001; GB/T 20278-2006
Regulation (derived from)
China Announcement of Newly Approved National Standards No. 7, 2006 (No. 94 overall)
Issuing agency(ies)
General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary
This standard specifies requirements for using the Transmission Control Protocol and Internet Protocol (TCP/IP) network vulnerability scanning product testing and evaluation methods. This standard applies to computer information system for manual or automated network vulnerability scanning as a security product evaluation, development and application. This standard does not apply exclusively to the database system vulnerability scanning products.
