政府組態基準(GCB)應用探討-校園電腦組態為例

在這個科技與網路迅速發展的時代中，幾乎是人手一台電腦，而政府機關及學校也不例外，但這樣一來在預防資料外洩、電腦被駭、資料被串改…等方面就顯得更加重要了，因此如何對電腦進行安全性的防護成為了一大課題。而在本論文中，我們在參考行政院國家資通安全會報技術服務中心(NCCST)所提供資料及群組原則物件(Group Policy Object)之GPO檔案和對學校之電腦系統環境進行分析後，先通過軟體組態管理(Software Configuration Management, SCM)對GPO檔進行符合學校電腦系統環境需求的修正與保存，並將儲存之GPO檔配送給各個電腦進行安裝套用，之後再對個別電腦進行其他組態項目的設定，而為了確保安全，會在安裝套用後進行執行運作測試。

關鍵字

政府組態基準；電腦安全性防護；群組原則物件

並列摘要

In this era of rapid development of technology and networks，everyone almost have a computer，government agencies and schools are no exception，but in this way，the prevention of information leakage, computers are appalled, information was altered... problem is more important, so how to protect the security of computers has become a major issue. In this thesis, after referring to the information and GPO (Group Policy Object) files provided by the National Center for Cyber Security Technology (NCCST) and analyzing the computer system environment of the school，first we use the SCM(Software Configuration Management, SCM) to analyze the GPO file in accordance with the school computer Modify and save the system environment requirements, and distribute the stored GPO files to each computer for installation and application, and then set other configuration items for individual computers. In order to ensure safety, an operation test will be performed after installation and application.