GB/T 36627-2018

Active

Information security technology—Testing and evaluation technical guide for classified cybersecurity protection

信息安全技术网络安全等级保护测试评估技术指南

Standard Type

GBT

ICS

35.040

CCS

L80

Status

Active

Issue Date

2018-09-17

Implementation

2019-04-01

Centralized Committee

国家标准委

Issuing Authority

国家市场监督管理总局、中国国家标准化管理委员会

Application Summary AI generated

This standard provides technical guidance for testing and evaluating information systems under China's classified cybersecurity protection scheme (MLPS 2.0). It is applied by security assessors and system operators to verify that security controls meet the required protection level for systems in government, finance, energy, and other critical sectors. The guide specifies methods for vulnerability scanning, penetration testing, and compliance checks during certification audits.

Related Standards

GB/T 21049-2007 Chinese-sensible code GB/T 19245-2003 Specification for information interchange of electronic business card GB/T 16986-2003 Application identifiers for EAN·UCC system GB/T 16829-2003 Information technology--Automatic identification and data capture techniques--Bar code symbology specifications--Interleaved 2 of 5 GB/T 18391.2-2003 Information technology--Specification and standardization of data elements--Part 2: Classification for data elements GB/T 19253-2003 Information technology--Notation of format for data element values GB/T 2261.3-2003 Classification and codesof basic personal information--Part 3: Codes for state of health GB/T 2261.1-2003 Classification and codesof basic personal information--Part 1: Codes for sexual distinction of human

Transparency note: The application summary and key sentences on this page were automatically generated by AI from the standard's original text. This content has not been human-verified and should not be used for compliance or regulatory purposes. Always refer to the official standard document from the issuing authority.