CISSP in 21 Days - Second Edition by M. L. Srinivasan

Security impact analysis

The vulnerabilities in the preceding list can be exploited through various attacks. Software, whether developed in-house or acquired, should be thoroughly tested against these attack scenarios, and the impact of each has to be determined. The following list provides some of the common application attacks that applications need to be tested for:

  • Abuse of functionality
  • Data structure attacks
  • Exploitation of authentication
  • Injection, such as code injection or SQL injection
  • Malicious code attack
  • Path traversal attack
  • Probabilistic techniques
  • Protocol manipulation
  • Resource depletion
  • Resource manipulation
  • Sniffing attacks
  • Spoofing

Note

Many of these listed attacks are explained in the previous chapters.
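
As an added illustration (not from the book), the following Python sketch tests two attacks from the list, SQL injection and path traversal, against an unsafe and a hardened form of the same function and records the impact of each. The table, document root, function names and test inputs are all constructed for this example.

```python
import posixpath
import sqlite3

BASE_DIR = "/srv/app/docs"  # hypothetical document root (assumption)

def make_db():
    # Constructed sample data for the test run.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "a-secret"), ("bob", "b-secret")])
    return db

def lookup_concat(db, name):
    # Unsafe form: user input is concatenated into the SQL text.
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return db.execute(sql).fetchall()

def lookup_param(db, name):
    # Hardened form: input is bound as a parameter, never parsed as SQL.
    return db.execute("SELECT name FROM users WHERE name = ?", (name,)).fetchall()

def path_naive(rel):
    # Unsafe form: joins and normalizes without checking the result.
    return posixpath.normpath(posixpath.join(BASE_DIR, rel))

def path_checked(rel):
    # Hardened form: reject any result outside the document root.
    # Lexical check only; code that touches a real filesystem should
    # also resolve symlinks (os.path.realpath) before comparing.
    full = posixpath.normpath(posixpath.join(BASE_DIR, rel))
    if posixpath.commonpath([BASE_DIR, full]) != BASE_DIR:
        raise ValueError("path escapes document root")
    return full

def impact_report():
    # Run each constructed test input against both forms and record the impact.
    db = make_db()
    sql_input = "x' OR '1'='1"
    path_input = "../../../etc/passwd"
    report = {
        "sql_concat_rows": len(lookup_concat(db, sql_input)),  # rows exposed
        "sql_param_rows": len(lookup_param(db, sql_input)),
        "path_naive": path_naive(path_input),                  # where it lands
    }
    try:
        path_checked(path_input)
        report["path_checked"] = "allowed"
    except ValueError:
        report["path_checked"] = "rejected"
    return report
```

The report shows the impact side by side: the concatenated query returns every row in the table while the parameterized one returns none, and the unchecked path resolves outside the document root while the checked one is rejected.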