O'Reilly logo

CISSP in 21 Days - Second Edition by M. L. Srinivasan

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Threats and vulnerabilities to application systems

As a security professional, one must s on the following while considering security for applications:

  • Asset: An asset is basically a resource. It may be a computer, operating system, database management system and so on.
  • Threat: This is an event that could compromise an asset by exploiting the weaknesses or vulnerabilities in the asset.
  • Threat agent: A threat cannot manifest on its own. It needs an agent to exploit vulnerabilities. For example, hacking is a threat. Not having suitable patch management control or monitoring control is a vulnerability. Hacking is done by a hacker. Hence, a malicious hacker is a threat agent for unethical hacking.
  • Vulnerability: This is a weakness in the system that a ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required