Security Architecture Flashcards

1
Q

What is Security Architecture?

A

It is the blueprint for an organization's IT systems: how systems are designed and deployed, where the security boundaries (firewalls, segmentation) sit, where encryption is applied, and who is allowed to access what.

2
Q

Why do we need Security Architecture?

A

Without it, it is like building a house with no foundation: security gaps appear everywhere, and an attacker only needs one of them to get in.

3
Q

What does Security Architecture include?

A

How systems are deployed (on-prem or cloud), permission and access management, network design, the encryption strategy, and where security devices are placed.

4
Q

Why should I care about this as a beginner?

A

Where your website is hosted, how you set up user permissions, whether your firewall blocks unexpected traffic: these are all architecture decisions, so you are already making them.

5
Q

How does this connect to the later chapters?

A

Cloud, virtualization, microservices, IoT and security appliances are all building materials. Security Architecture is about assembling them the right way into one secure system.
6
Q

What is On-Premise?

A

Your company buys and owns the servers, houses them in its own data room, and maintains the systems, network, power and physical security itself. You handle everything.

7
Q

What is Cloud?

A

You rent computing resources from a provider such as AWS, Google Cloud or Azure. The provider runs the underlying hardware and facilities; you use the services.

8
Q

What are the advantages of On-Premise?

A

Full control, data never leaves the company, and everything is customizable. The trade-off is high cost and slow scaling.

9
Q

What are the advantages of Cloud?

A

Pay only for what you use, scale up and down quickly, and no hardware to manage. The trade-off: you must trust the provider, and access must be configured carefully.

10
Q

What is Hybrid Cloud?

A

A mix: some services stay on-prem, others run in the cloud. You keep control where you need it and gain flexibility elsewhere.

11
Q

What is the biggest challenge in the cloud?

A

Shared responsibility. People assume the provider handles everything, but your data, identities and access control are still your job.

12
Q

How do I remember the difference easily?

A

On-prem = building your own house (costly, but full control). Cloud = renting a house (flexible, but the landlord's rules apply).
13
Q

Why is cloud security such a big deal?

A

Because the cloud is shared, internet-facing and constantly changing. One misconfiguration can expose your data to the whole internet.

14
Q

What is the shared responsibility model?

A

The provider secures the infrastructure (hardware, power, physical security, the hypervisor); you secure your data, configuration, identities and accounts. The exact split shifts with the service model: the more the provider manages (IaaS, then PaaS, then SaaS), the less is left to you, but your data and your users' access are always yours.

15
Q

What is the shared server (multi-tenancy) risk?

A

Your VM shares a physical host with other customers' VMs, and only the hypervisor keeps them apart. If a neighbor is compromised, a hypervisor flaw or a side channel can let the attacker reach you too.

16
Q

What happens if you misconfigure a VM?

A

An exposed management port, unchanged default credentials or an overly open security group lets an attacker connect, read data and pivot to other systems. It is like leaving a door wide open.

17
Q

Why is access control such a big problem in the cloud?

A

Over-privileged accounts, no MFA and shared logins make it easy for an attacker to end up with admin rights.

18
Q

What is a single point of failure?

A

If one critical component, such as your only data center, fails and takes the whole service down with it, that component is a single point of failure (SPOF).

19
Q

Fun fact: does the cloud have data remnants?

A

Yes. Deleting data does not necessarily erase it from the underlying storage: copies can linger in snapshots, backups or reallocated disk blocks and may be recoverable by someone else.

20
Q

How do you avoid cloud security risks?

A

Enable MFA, encrypt data, review permissions regularly, patch promptly, change default passwords and settings, and turn on logging and monitoring.

21
Q

The cloud changes fast. How do we keep up?

A

Use CSPM (Cloud Security Posture Management) tools, which continuously scan your accounts for weak or risky configurations.

22
Q

Cloud security in one sentence?

A

Even the best provider cannot protect you when you leave the front door open yourself; secure configuration, encryption and access control are the three safeguards.
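The following is an added example (not part of the original deck) that turns cards 13, 16, 17 and 21 into code: a CSPM-style posture check run over a hand-built account snapshot. The snapshot format, the field names and the severity levels are assumptions made for illustration, not any provider's real API or export format.

```python
import ipaddress

# Constructed account snapshot; field names are assumptions for this example,
# not any provider's real API or export format.
SNAPSHOT = {
    "users": [
        {"name": "alice", "is_admin": True, "mfa_enabled": True, "shared": False},
        {"name": "ops-shared", "is_admin": True, "mfa_enabled": False, "shared": True},
        {"name": "bob", "is_admin": False, "mfa_enabled": False, "shared": False},
    ],
    "policies": [
        {"name": "ReadLogs", "actions": ["logs:Get*"], "resources": ["arn:logs:*"]},
        {"name": "DevAllAccess", "actions": ["*"], "resources": ["*"]},
    ],
    "buckets": [
        {"name": "public-assets", "public_read": True, "intended_public": True},
        {"name": "customer-exports", "public_read": True, "intended_public": False},
        {"name": "backups", "public_read": False, "intended_public": False},
    ],
    "security_groups": [
        {"name": "web", "ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]},
        {"name": "bastion", "ingress": [{"port": 22, "cidr": "10.0.0.0/8"}]},
        {"name": "db", "ingress": [{"port": 3306, "cidr": "0.0.0.0/0"}]},
    ],
}

# Ports that should never be reachable from the whole internet.
ADMIN_PORTS = {22, 3389, 3306, 5432}
SEVERITY_ORDER = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}


def check_identity(users, policies):
    """Card 17: admins without MFA, shared logins, wildcard policies."""
    findings = []
    for u in users:
        if u["is_admin"] and not u["mfa_enabled"]:
            findings.append(("HIGH", f"admin user {u['name']} has no MFA"))
        if u["shared"]:
            findings.append(("MEDIUM", f"login {u['name']} is shared: no per-person accountability"))
    for p in policies:
        if "*" in p["actions"] and "*" in p["resources"]:
            findings.append(("HIGH", f"policy {p['name']} allows every action on every resource"))
    return findings


def check_storage(buckets):
    """Card 13: a public bucket is how data ends up 'exposed to the world'."""
    findings = []
    for b in buckets:
        if not b["public_read"]:
            continue
        if b["intended_public"]:
            findings.append(("LOW", f"bucket {b['name']} is public by design: re-confirm the exception"))
        else:
            findings.append(("HIGH", f"bucket {b['name']} is publicly readable"))
    return findings


def check_network(groups):
    """Card 16: an admin port open to 0.0.0.0/0 is the 'door left wide open'."""
    findings = []
    for g in groups:
        for rule in g["ingress"]:
            world_open = ipaddress.ip_network(rule["cidr"]).prefixlen == 0
            if world_open and rule["port"] in ADMIN_PORTS:
                findings.append(("HIGH", f"group {g['name']} exposes port {rule['port']} to the internet"))
    return findings


def run_posture_check(snapshot):
    """Run every check and return the findings, most severe first."""
    findings = check_identity(snapshot["users"], snapshot["policies"])
    findings += check_storage(snapshot["buckets"])
    findings += check_network(snapshot["security_groups"])
    return sorted(findings, key=lambda f: SEVERITY_ORDER[f[0]])


if __name__ == "__main__":
    for severity, message in run_posture_check(SNAPSHOT):
        print(f"[{severity}] {message}")
```

Note that port 443 open to the world on the web group is not reported: the point of a posture check is to encode what is acceptable for this environment, not to flag everything public. A real CSPM tool does the same with far more rules and pulls the snapshot from the provider's API instead of a literal.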
23
Q

What is virtualization?

A

One physical machine runs many virtual machines, each behaving like an independent server.

24
Q

What is a hypervisor, and what types are there?

A

It is the "landlord" that manages the virtual machines. Type 1 runs directly on the hardware (bare metal); Type 2 runs as an application on top of an existing host OS.
25
What are the common risks of virtual machines?
VM escape (an attacker breaking out of a guest onto the hypervisor or host), privilege escalation inside the guest, data intercepted during live migration, and leftover data on storage that was never wiped.
26
What is a container, and how is it different from a VM?
A container is lighter than a VM: it does not run its own OS kernel but shares the host's, like tenants sharing one kitchen. That is also why its isolation is weaker than a VM's.
27
What are the advantages of containers?
They start fast, use few resources and are highly portable, which makes them a natural fit for microservices and cloud environments.
28
What are the common container tools?
Docker builds and runs containers, Kubernetes orchestrates large numbers of them, and OpenShift is an enterprise Kubernetes platform.
29
Do containers have security problems too?
Yes: container escape, malicious or vulnerable images, missing access control, and abuse of the shared host resources.
30
How do you protect VMs and containers?
Build from official, trusted templates and images, apply patches, isolate networks, restrict access, encrypt VM disk files, and monitor behavior.
31
What is virtualization (VM) sprawl?
VMs keep multiplying with nobody managing them. That wastes resources and enlarges the attack surface, because forgotten machines never get patched.
32
When are containers a good fit?
When you need fast deployment, portability across platforms, low resource use, or a microservice architecture.
33
What is serverless? Does it really mean no servers?
No. There are still servers; you just do not manage them. The cloud provider provisions, patches and scales them behind the scenes.
34
What is the most common serverless model?
FaaS (Function as a Service): you write a function, and it runs when an event triggers it.
35
Give an example of how serverless works
A user clicks "Submit". That event triggers a function that sends an email or stores the order, then the function exits. Nothing has to run continuously.
36
What are the benefits of serverless?
Cheap (pay per use), low effort (no server maintenance), automatic scaling, and fast to launch.
37
Are there any downsides?
Yes: cold-start latency, platform limits (on execution time, memory and so on), harder debugging, and vendor lock-in.
38
What is a cold start?
If a function has not run for a while, the platform must spin up a fresh execution environment before it can run, so that first call is noticeably slower than a warm one.
39
What is vendor lock-in?
You build on one provider's proprietary features; moving to another platform later means rewriting code, which is costly and painful.
40
How does serverless work with microservices?
Very well: each function can implement one small service, deployed and scaled independently.
41
How is serverless billed?
Per invocation and per execution time; idle code costs nothing.
42
What kinds of apps fit serverless?
Simple features, event-driven apps, small tools, API services and background jobs, especially ones that run infrequently.
43
What is a microservice?
Breaking a large application into many small services, each responsible for one job and developed, deployed and scaled independently.
44
How are microservices different from a monolithic app?
A monolith is one block: a fault in one part can bring the whole thing down. Microservices are puzzle pieces: one can fail while the others keep running, provided they are built to tolerate a missing neighbor.
45
Give an example of microservices
An online store: placing orders, managing inventory, processing payments and shipping are each a separate microservice that does not interfere with the others.
46
What are the benefits of microservices?
Each service can be scaled, updated and restarted separately; team ownership is clearer; development and deployment are faster.
47
What are the challenges of microservices?
The system is more complex, services talk to each other a lot, data consistency is harder, latency increases, and the attack surface grows.
48
How do microservices talk to each other?
Through APIs (for example HTTP), message queues, or event-driven messaging.
49
When is microservices a good choice?
Large projects with many teams, complex functionality and a need for fast iteration.
50
What are the security challenges of microservices?
Each service must authenticate its callers and enforce authorization itself, so a compromised service cannot impersonate others; and every additional service is another entry point for attackers.
51
Do microservices need containers?
Not required, but a natural fit: containers package, deploy and isolate each small service quickly.
52
What is the difference between microservices and serverless?
Microservices are independently deployed, long-running services; serverless functions run only on demand. Serverless suits lightweight, event-driven tasks; microservices suit structured systems that run continuously.
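An added example (not part of the original deck) for card 50: one way two services can authenticate each other on every request, using an HMAC over the request bound to a timestamp, with replay detection and a separate per-endpoint authorization step. Service names, keys, header names and the endpoint table are assumptions; the keys are placeholders.

```python
import hashlib
import hmac
import time

# Per-service keys, provisioned out of band. Constructed for this example; in
# production they come from a secret manager and are rotated.
SERVICE_KEYS = {
    "orders":   b"orders-key-4f1c9b2e7a3d5e6f",
    "payments": b"payments-key-9a8b7c6d5e4f3a2b",
    "support":  b"support-key-1122334455667788",
}

# Which caller may hit which endpoint of the payments service. Authorization is
# a separate decision from authentication (assumed table for the example).
ALLOWED_CALLERS = {
    "/charge": {"orders"},
    "/refund": {"support"},
}

MAX_SKEW = 30          # seconds a signed request stays valid
_SEEN = set()          # (caller, timestamp, signature) tuples already accepted


def _canonical(method, path, body, ts, caller):
    """Bind method, path, body hash, timestamp and caller identity into one MAC input."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, body_hash, str(ts), caller]).encode()


def sign_request(caller, method, path, body, ts=None):
    """Caller side: produce the headers that travel with the request."""
    ts = int(time.time()) if ts is None else ts
    mac = hmac.new(SERVICE_KEYS[caller], _canonical(method, path, body, ts, caller),
                   hashlib.sha256).hexdigest()
    return {"X-Caller": caller, "X-Timestamp": str(ts), "X-Signature": mac}


def verify_request(method, path, body, headers, now=None, seen=None):
    """Callee side: authenticate, reject stale or replayed requests, then authorize."""
    now = int(time.time()) if now is None else now
    seen = _SEEN if seen is None else seen
    caller = headers.get("X-Caller", "")
    key = SERVICE_KEYS.get(caller)
    if key is None:
        return False, "unknown caller"
    try:
        ts = int(headers.get("X-Timestamp", ""))
    except ValueError:
        return False, "bad timestamp"
    if abs(now - ts) > MAX_SKEW:
        return False, "stale request"
    expected = hmac.new(key, _canonical(method, path, body, ts, caller), hashlib.sha256).hexdigest()
    sig = headers.get("X-Signature", "")
    if not hmac.compare_digest(expected, sig):   # constant-time comparison
        return False, "bad signature"
    replay_key = (caller, ts, sig)
    if replay_key in seen:
        return False, "replay"
    seen.add(replay_key)
    if caller not in ALLOWED_CALLERS.get(path, set()):
        return False, "caller not authorized for path"
    return True, "ok"


if __name__ == "__main__":
    body = b'{"order_id": 42, "amount": 1999}'
    hdrs = sign_request("orders", "POST", "/charge", body)
    print(verify_request("POST", "/charge", body, hdrs))               # (True, 'ok')
    print(verify_request("POST", "/charge", body, hdrs))               # (False, 'replay')
    print(verify_request("POST", "/charge", b'{"amount": 1}', hdrs))   # (False, 'bad signature')
```

Because the caller's name is part of the signed input, swapping the `X-Caller` header to borrow another service's permissions invalidates the signature. In a real deployment the seen-set would be a shared store with entries expiring after `MAX_SKEW`, and mutual TLS or signed tokens from an identity provider would typically replace the shared keys.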
53
What is network infrastructure?
The hardware plus the configuration that keeps the company's network running: routers, switches, firewalls and so on.
54
What is the difference between a router and a switch?
A switch lets devices on the same local network talk to each other; a router is the bridge between networks, for example from the company LAN to the internet.
55
What is a firewall?
It is like a security guard that inspects every "visitor" entering or leaving the network and decides, according to its rules, who gets through and who is blocked.
56
What is physical separation?
Sensitive systems are completely disconnected from other networks, as with classified government networks or nuclear plant control systems: there is physically no link to the outside.
57
What is logical separation?
The devices share one physical network, but technologies such as VLANs and ACLs partition it virtually. A VLAN on its own is only a partition; it becomes a security boundary when traffic between VLANs is actually filtered.
58
What is segmentation? Is it the same as logical separation?
Segmentation is a kind of logical separation whose focus is containing attacks: if one department is infected, the infection cannot spread to the others.
59
What is a Single Point of Failure (SPOF)?
A critical component whose failure takes the whole service down, for example having only one router.
60
How do you reduce network risk?
Build several segments, enable logging, restrict access with firewalls, patch regularly, and disable unused ports and services.
61
Should IoT or ICS devices be on the main network?
Absolutely not. They belong on separate segments so that a compromised device cannot reach the rest of the network.
62
What is the main goal of network design in security?
Not just to get devices connected, but to make sure each one can talk only to what it needs and nothing more.
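An added example (not part of the original deck) for cards 58, 61 and 62: the "only talk to what they need" rule expressed as a default-deny segmentation policy, then checked against constructed flow-log lines to find connections the policy would have blocked. The segment addresses, the rule set and the log format are assumptions for the demonstration.

```python
import ipaddress

# Constructed segment map. The most specific (longest-prefix) match wins, so the
# collector and jump subnets inside 10.20.0.0/16 override the generic "servers" segment.
SEGMENTS = {
    "corp":      ipaddress.ip_network("10.10.0.0/16"),   # user workstations
    "servers":   ipaddress.ip_network("10.20.0.0/16"),
    "collector": ipaddress.ip_network("10.20.5.0/24"),   # IoT telemetry sink
    "jump":      ipaddress.ip_network("10.20.9.0/24"),   # hardened jump hosts
    "iot":       ipaddress.ip_network("10.30.0.0/16"),
    "ics":       ipaddress.ip_network("10.40.0.0/16"),
}

# Default deny: a flow is allowed only if (src_segment, dst_segment, proto, port)
# is listed. Only the initiating direction is listed; replies are assumed to be
# handled by stateful connection tracking on the firewall.
RULES = {
    ("corp", "servers", "tcp", 443),      # users reach internal web apps
    ("corp", "jump", "tcp", 22),          # admins SSH to jump hosts only
    ("jump", "servers", "tcp", 22),
    ("jump", "ics", "tcp", 3389),         # engineering access to HMIs goes via jump
    ("iot", "collector", "tcp", 8883),    # MQTT over TLS, one direction only
}


def segment_of(ip):
    """Return the name of the most specific segment containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    matches = [(net.prefixlen, name) for name, net in SEGMENTS.items() if addr in net]
    return max(matches)[1] if matches else None


def is_allowed(src_ip, dst_ip, proto, port):
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    if src is None or dst is None:
        return False                       # unknown address space: deny
    if src == dst:
        return True                        # intra-segment traffic is the host firewall's job
    return (src, dst, proto, port) in RULES


def parse_flow(line):
    """Parse a constructed flow-log line: '<timestamp> <src> <dst> <proto> <port>'."""
    _ts, src, dst, proto, port = line.split()
    return src, dst, proto, int(port)


def find_violations(flow_lines):
    """Return (src_segment, dst_segment, proto, port) for every flow the policy denies."""
    violations = []
    for line in flow_lines:
        src, dst, proto, port = parse_flow(line)
        if not is_allowed(src, dst, proto, port):
            violations.append((segment_of(src), segment_of(dst), proto, port))
    return violations


# Constructed flow records for the demonstration.
FLOWS = [
    "2024-05-01T10:00:01Z 10.10.0.15 10.20.1.5 tcp 443",    # corp -> servers: allowed
    "2024-05-01T10:00:02Z 10.30.2.7 10.20.5.10 tcp 8883",   # iot -> collector: allowed
    "2024-05-01T10:00:03Z 10.30.2.7 10.10.0.15 tcp 445",    # iot -> corp (SMB): denied
    "2024-05-01T10:00:04Z 10.10.0.15 10.40.1.2 tcp 3389",   # corp -> ics directly: denied
    "2024-05-01T10:00:05Z 10.20.9.4 10.40.1.2 tcp 3389",    # jump -> ics: allowed
    "2024-05-01T10:00:06Z 10.20.5.10 10.30.2.7 tcp 8883",   # collector -> iot: denied (one-way)
]

if __name__ == "__main__":
    for v in find_violations(FLOWS):
        print("DENIED:", v)
```

Running the same evaluator over real flow logs is a cheap way to find either gaps in the policy or devices that are not where the diagram says they are; the IoT-to-workstation SMB attempt above is exactly the kind of lateral movement segmentation is meant to stop.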
63
What is SDN?
Software-Defined Networking: control of the network is centralized in software. Instead of each switch or router deciding on its own, one controller, the "brain" of the network, directs them all.
64
What is the core benefit of SDN?
You control the network like a program: configuration, firewall rules and traffic routing can all be automated and applied remotely from one place.
65
What are the three layers (planes) of SDN?
1. Application plane: network applications such as firewalls and monitoring systems run here and state what they need. 2. Control plane: the controller, the network's brain, decides how traffic is forwarded and programs the devices. 3. Data (forwarding) plane: the switches only forward packets according to the rules they were given; they make no decisions.
66
Explain the SDN structure with a simple analogy
Think of a highway system: the application plane is the city traffic-management center, the control plane is the commander issuing orders, and the data plane is the roads and traffic lights, which execute without judging.
67
How is SDN different from traditional networking?
In a traditional network every device thinks for itself; in SDN every device follows the same central controller.
68
What are the benefits of SDN?
Easier management, better visibility, automated response to attacks (for example pushing a rule that isolates a host), unified configuration, time savings, and a good fit for cloud and virtual environments.
69
What are the security risks of SDN?
If the controller is compromised, the attacker controls the whole network; if it crashes, the whole network goes down (a single point of failure); and the controller-to-device communication can be intercepted or spoofed if it is not protected.
70
How do you secure an SDN network?
Encrypt and authenticate the controller-to-device channel (for example with TLS), enforce strict access control, run highly available (redundant) controllers, restrict and authenticate use of the controller's APIs, and audit the logs.
71
Where is SDN most useful?
Data centers, cloud platforms, large networks, and anywhere network policy changes frequently.
72
SDN in one sentence?
It makes the network as flexible as code, with one brain controlling all the moving parts.
73
What is IaC in one sentence?
Infrastructure as Code: you define and build servers, networks, firewalls and the rest in code instead of configuring them by hand.
74
Give a real-life example of IaC
It is like a coffee machine with a saved recipe: press one button and it makes the coffee the same way every time, instead of you brewing it manually.
75
What are the benefits of IaC?
Fast deployment, consistent environments, version control, less manual work through automation, and easier testing and compliance audits.
76
What is idempotence in IaC?
Running the same code any number of times produces the same end state: it does not create duplicate resources or fail because a resource already exists.
77
What are common IaC tools?
Terraform, Ansible, AWS CloudFormation, Pulumi, Chef and Puppet.
78
What languages are used for IaC?
Mostly YAML, JSON and HCL (HashiCorp Configuration Language); some tools also support general-purpose languages such as Python, Go or TypeScript.
79
What are the security risks of IaC?
A wrong configuration is deployed everywhere at once; secrets can end up in the code (and in its version history); and weak control over who can change the code lets anyone change the infrastructure.
80
How do you secure Infrastructure as Code?
Keep secrets in a secret manager or vault and reference them from the code, limit who can change the code (reviews, protected branches), scan templates automatically for risky settings, and keep everything under version control with audit logging.
81
What is IaC most commonly used for?
Automatically creating VMs, VPC networks, firewall rules, databases and load balancers.
82
IaC in one sentence?
Build your infrastructure the way you write code: fast, consistent and with far less manual toil.
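An added example (not part of the original deck) for cards 76, 79 and 80: a toy plan/apply reconciler that shows what idempotence means in practice (applying twice changes nothing; drift is pulled back to the declared state), plus a template lint that catches the two risks named on card 79, a hard-coded secret and an admin port opened to the world. The state schema and the HCL-like template are constructed for the example; this is not Terraform's engine.

```python
import re

# Desired state, declared the way an IaC template would be (constructed for this example).
DESIRED = {
    "allow-https":     {"port": 443, "cidr": "0.0.0.0/0"},
    "allow-ssh-admin": {"port": 22,  "cidr": "10.0.0.0/8"},
}


def plan(current, desired):
    """Diff the current state against the desired state; returns (action, name, spec) tuples."""
    actions = []
    for name, spec in desired.items():
        if name not in current:
            actions.append(("create", name, spec))
        elif current[name] != spec:
            actions.append(("update", name, spec))
    for name, spec in current.items():
        if name not in desired:
            actions.append(("delete", name, spec))
    return actions


def apply_state(current, desired):
    """Apply the plan and return the new state. Idempotent: a second apply is a no-op."""
    state = {name: dict(spec) for name, spec in current.items()}
    for action, name, spec in plan(current, desired):
        if action == "delete":
            del state[name]
        else:
            state[name] = dict(spec)
    return state


# A template fragment in HCL-like syntax, constructed with two mistakes planted:
# SSH opened to the whole internet, and a database password as a literal.
TEMPLATE = '''
resource "firewall_rule" "allow-ssh-admin" {
  port = 22
  cidr = "0.0.0.0/0"
}

resource "database" "main" {
  username = "app"
  password = "Sup3rSecret!"
  kms_key  = var.kms_key
}
'''

SECRET_LITERAL = re.compile(r'\b(password|secret|api_key|token)\s*=\s*"[^"]+"', re.I)
OPEN_WORLD = re.compile(r'cidr\s*=\s*"0\.0\.0\.0/0"')
ADMIN_PORT = re.compile(r'port\s*=\s*(22|3389|3306|5432)\b')


def lint_template(text):
    """Flag secret literals and admin ports exposed to the world; returns (line_no, message)."""
    findings = []
    for i, line in enumerate(text.splitlines(), start=1):
        if SECRET_LITERAL.search(line):
            findings.append((i, "hard-coded secret literal; reference a secret store instead"))
    # Inspect each resource block as a unit: an admin port plus 0.0.0.0/0 is the finding.
    for block in re.finditer(r'resource[^{]*\{([^}]*)\}', text):
        body = block.group(1)
        if ADMIN_PORT.search(body) and OPEN_WORLD.search(body):
            line_no = text[:block.start()].count("\n") + 1
            findings.append((line_no, "admin port exposed to 0.0.0.0/0"))
    return sorted(findings)


if __name__ == "__main__":
    state = apply_state({}, DESIRED)
    print("plan after first apply:", plan(state, DESIRED))      # []
    for line_no, message in lint_template(TEMPLATE):
        print(f"line {line_no}: {message}")
```

Note that `var.kms_key` is not flagged: the lint only objects to literal values. Running such a lint in the pipeline before `apply` is what "scan templates automatically" on card 80 amounts to, and the empty plan after the first apply is idempotence made visible.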
83
What is centralized architecture?
All services, data and decisions live in one central place, for example a head-office server that handles everything.
84
What is decentralized (distributed) architecture?
The system is spread across many nodes, each able to run independently, with no single "boss".
85
Give an example to compare the two
Centralized: a national courier ships everything from one warehouse. Decentralized: regional warehouses across the country each ship their own orders.
86
What are the advantages of centralized architecture?
Easier to manage, unified control, lower cost, and strong data consistency.
87
What are the downsides of centralized systems?
A single point of failure (if the center fails, everything fails), poor scalability, and slow access for distant users.
88
What are the benefits of decentralized architecture?
Better resilience and disaster tolerance, easier scaling, and faster access for users around the world.
89
What are the downsides of decentralized systems?
Keeping data consistent is hard, management is more complex, and security controls are spread out and harder to enforce uniformly.
90
Which architecture is better for high availability?
Decentralized: if one node fails, the others keep running.
91
Which is more vulnerable to a single attack?
Centralized: one successful attack on the core paralyzes the whole system.
92
One-line comparison of the two architectures?
Centralized relies on one brain; decentralized fights on many fronts. Each has its strengths and weaknesses.
93
What is the Internet of Things (IoT)?
All the small internet-connected devices, such as robot vacuums, cameras and smart doorbells, that sense their surroundings, upload data and carry out actions.
94
Give examples of common IoT devices
Smart bulbs, Wi-Fi cameras, fitness bands, smart locks, fridges, robot vacuums and network printers.
95
What are the core components of IoT?
The devices themselves (sensors and actuators); communication modules (Wi-Fi, Bluetooth, Zigbee); a hub or controller that receives data, analyzes it and issues commands; and a cloud platform for remote storage and processing.
96
What are the benefits of IoT?
Automation saves labor, devices can be controlled remotely, data is collected in real time, and the system reacts intelligently to its environment.
97
Why is IoT more vulnerable to attacks?
Many devices with weak hardware, default passwords, unencrypted communication, no logging, and vendors that rarely ship updates.
98
What is the default-credential risk?
Many IoT devices ship with a login like admin/admin. If it is never changed, anyone can log in.
99
What are the key defenses for IoT?
Change default passwords, encrypt communications, put the devices on their own VLAN, patch regularly, close unneeded ports, and disable remote management.
100
Should IoT devices share the company's main network?
Absolutely not. Put them on a separate segment, restrict what they can reach, and where possible allow only one-way data flow out of the segment.
101
What is an OTA update and why does it matter?
Over-the-Air update: firmware is upgraded remotely and automatically. For many devices it is the only way a critical flaw ever gets fixed.
102
One-line IoT risk summary?
Small devices do not mean small risk: a pile of "smart toys" can cause very large problems.
103
What is ICS?
Industrial Control System: the automation "brain" that controls industrial processes in factories, power stations, water plants and the like.
104
What is SCADA, and how is it related to ICS?
SCADA is a type of ICS dedicated to remote supervisory monitoring and control of large, widely spread facilities, such as a national power grid or water treatment network.
105
What are the key components of ICS/SCADA?
Sensors and actuators, which collect data and carry out commands; PLCs (programmable logic controllers), the small computers that run the control logic; RTUs (remote terminal units), which relay data and commands to and from remote sites; the SCADA server, the core that aggregates, analyzes and issues instructions; and the HMI (human-machine interface), the screens operators use to view the process and act on it.
106
Give a real-life ICS/SCADA example
A water utility remotely monitors the pressure and water level at every pump and adjusts the flow automatically. That is a typical SCADA system.
107
Why are ICS/SCADA systems vulnerable?
Much of the equipment is old, does not support encryption, has no authentication, cannot be patched casually, and is sometimes still reachable from the internet.
108
What is Stuxnet?
A worm that sabotaged uranium-enrichment centrifuges in Iran by covertly altering the control code on their Siemens PLCs while showing operators normal-looking readings.
109
How do you protect ICS/SCADA systems?
Use strong authentication; isolate the network (air gap or strict segmentation); limit remote access; run regular security audits; train staff against phishing; and patch, but test and validate every update first.
110
What is air-gapping?
A network that is completely physically isolated, with no connection to the internet, commonly used for critical infrastructure. It is not absolute protection: Stuxnet crossed an air gap on USB drives.
111
Why is patching difficult in ICS?
The equipment must keep running: downtime means production stops, some updates require the system to be re-certified, and the change process is complex.
112
ICS/SCADA security in one sentence?
They are the heart of a nation's infrastructure, but as fragile as vintage machinery, so they must be maintained with care.
113
What is an embedded system?
A small computer built into a device to do one specific job.
114
Examples of embedded systems
A microwave timer, a car's brake controller, the chips inside an ATM, aircraft navigation modules, and a smartwatch's processor.
115
What are their characteristics?
Limited resources, a single dedicated function, continuous operation for years, and a tight coupling to the hardware.
116
What is an RTOS?
A Real-Time Operating System, built to guarantee that tasks complete on time, such as an airbag controller that must fire within milliseconds.
117
What are the risks of embedded systems?
Old firmware that is hard to update; default passwords never changed; no logging or authentication; and exposure to physical attack (plugging in a USB stick, opening the case).
118
What is firmware?
The low-level software stored in the device's non-volatile memory that controls how the hardware behaves. It may be a bare-metal program or include a small OS or RTOS.
119
What is malicious firmware flashing?
An attacker replaces the device's original firmware with a malicious version that secretly eavesdrops, exfiltrates data, or turns the device into a bot.
120
How do you protect embedded systems?
Secure boot (only firmware with a valid signature runs), secure OTA updates, network isolation, restricted access to debug and maintenance interfaces, encrypted storage, and tamper-resistant enclosures with tamper-evident seals.
121
What is an OTA update?
Over-the-Air update: firmware updates are pushed remotely, without opening or physically accessing the device.
122
One-line summary of embedded security?
Tiny chips carry big responsibilities, are hard to update and weakly protected, so never overlook them.
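An added example (not part of the original deck) for cards 119 and 120: the checks a device should perform before accepting a firmware image, in the order that matters: structure, authenticity, and only then the anti-rollback version check. The image layout and the key are assumptions for the demonstration, and the HMAC is a symmetric stand-in for the asymmetric signature real secure boot uses (with a public key in ROM, so that a compromised device cannot forge updates for others).

```python
import hashlib
import hmac
import struct

# Constructed image layout for this example:
#   magic(4) | version(4, big-endian) | payload_len(4, big-endian) | payload | tag(32)
# The tag is HMAC-SHA256 over header + payload. Symmetric MAC is a stand-in here:
# real secure boot verifies an asymmetric signature against a public key in ROM.
MAGIC = b"FW01"
HEADER_LEN = 12
TAG_LEN = 32
DEVICE_KEY = b"per-device-key-burned-at-factory"   # assumption for the demo


def build_image(version, payload, key=DEVICE_KEY):
    """Vendor side: package and authenticate a firmware payload."""
    header = MAGIC + struct.pack(">II", version, len(payload))
    tag = hmac.new(key, header + payload, hashlib.sha256).digest()
    return header + payload + tag


def verify_image(image, installed_version, key=DEVICE_KEY):
    """Device side: accept only an authentic, well-formed image newer than what is installed."""
    if len(image) < HEADER_LEN + TAG_LEN:
        return False, "truncated"
    header = image[:HEADER_LEN]
    if header[:4] != MAGIC:
        return False, "bad magic"
    version, length = struct.unpack(">II", header[4:HEADER_LEN])
    # The length field is attacker-controlled until the tag checks out: make sure it
    # matches the bytes actually present before using it to slice the buffer.
    if length != len(image) - HEADER_LEN - TAG_LEN:
        return False, "length mismatch"
    payload = image[HEADER_LEN:HEADER_LEN + length]
    tag = image[HEADER_LEN + length:]
    expected = hmac.new(key, header + payload, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return False, "authentication failed"
    # Anti-rollback: the version field is trusted only now that the image is authentic.
    # Otherwise an attacker could replay an old, signed image with a known flaw.
    if version <= installed_version:
        return False, "rollback rejected"
    return True, "ok"


if __name__ == "__main__":
    image = build_image(2, b"firmware-v2-blob")
    print(verify_image(image, installed_version=1))   # (True, 'ok')
    print(verify_image(image, installed_version=2))   # (False, 'rollback rejected')
    bad = bytearray(image)
    bad[HEADER_LEN] ^= 0x01                           # flip one payload bit
    print(verify_image(bytes(bad), 1))                # (False, 'authentication failed')
```

The same sequence applies to an OTA update (card 121) as to an image loaded by secure boot at power-on: nothing in the header is trusted before the authenticity check, and the version check after it is what stops a downgrade to vulnerable but validly signed firmware.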