APPENDIX C

Common Vulnerabilities

Vulnerabilities are flaws that create weaknesses in the overall information assurance of a system or network. This appendix provides a general overview of the types of vulnerabilities and the nature and effect of each.

NOTE This list is inspired by and adapted from the BSI (Bundesamt für Sicherheit in der Informationstechnik) threat list.

Vulnerability: Organizational Shortcomings

An organization with poor planning and implementation habits introduces vulnerabilities. Throughout the organizational planning process, make sure information assurance stays on the list of high-importance items. The following are the vulnerabilities in this category:

Vulnerability: Technical ...

Get Information Assurance Handbook: Effective Computer Security and Risk Management Strategies now with O’Reilly online learning.