CARVER matrix

May 8, 2015 on 11:14 pm | In General

Evaluating security risks correctly.

Criticality: The target value. How vital is this to the overall organization? A target is critical when its compromise or destruction (failure to provide any of the CIA triad components) has a highly significant impact on the overall organization.

Accessibility: How easily can I reach the target? What are the defenses? Do I need an insider? Is the target computer off the Internet?

Recuperability: How long will it take for the organization to replace, repair, or bypass the destruction or damage caused to the target? Once the compromise is found, how long will it take for the system to recuperate from it?

Vulnerability: What is the degree of knowledge needed to exploit the target? Can I use known exploits or should I invest in new, possibly 0-day, exploits?

Effect: What’s the impact of the attack on the organization? Similar to the first point (Criticality), this point should also analyse possible reactions from the organization.

Recognizability: Can I identify the target as such? How easy is it to recognize that a specific system / network / device is the target and not a security countermeasure?
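
The six criteria above, arranged as a matrix a defender can use to rank which assets to protect first. This is an added example, not part of the original post: the 1-5 scale, the summed total, the asset names and every rating are assumptions constructed for illustration.

```python
# CARVER matrix for defensive prioritisation (added example).
# Assumption: each criterion is rated 1-5, where 5 = most attractive to an
# attacker (for recuperability: slowest recovery), and ratings are summed.
CRITERIA = ("criticality", "accessibility", "recuperability",
            "vulnerability", "effect", "recognizability")
SCALE = range(1, 6)

# Constructed sample ratings, in CRITERIA order (hypothetical assets).
ASSETS = {
    "domain-controller": (5, 2, 4, 3, 5, 4),
    "public-web-server": (3, 5, 2, 4, 3, 5),
    "build-server":      (4, 2, 3, 3, 4, 2),
    "guest-wifi":        (1, 5, 1, 4, 1, 3),
}

def score_asset(name, ratings):
    """Validate one row and return its total plus the highest-rated criteria."""
    if len(ratings) != len(CRITERIA):
        raise ValueError(f"{name}: expected {len(CRITERIA)} ratings, got {len(ratings)}")
    row = dict(zip(CRITERIA, ratings))
    bad = [c for c, v in row.items() if v not in SCALE]
    if bad:
        raise ValueError(f"{name}: rating outside 1-5 for {', '.join(bad)}")
    top = max(row.values())
    # Drivers are the criteria to address first when hardening this asset.
    drivers = [c for c in CRITERIA if row[c] == top]
    return {"asset": name, "ratings": row, "total": sum(row.values()), "drivers": drivers}

def carver_matrix(assets):
    """Score every asset and rank by total, highest (protect first) on top."""
    rows = [score_asset(name, ratings) for name, ratings in assets.items()]
    return sorted(rows, key=lambda r: (-r["total"], r["asset"]))

def render(rows):
    """Return the matrix as a plain-text table with C A R V E R columns."""
    header = f"{'asset':<20}" + "".join(f"{c[0].upper():>3}" for c in CRITERIA) + "  total  drivers"
    lines = [header]
    for r in rows:
        cells = "".join(f"{r['ratings'][c]:>3}" for c in CRITERIA)
        lines.append(f"{r['asset']:<20}{cells}  {r['total']:>5}  {', '.join(r['drivers'])}")
    return "\n".join(lines)

if __name__ == "__main__":
    print(render(carver_matrix(ASSETS)))
```

The drivers column shows where a control pays off most: an asset driven by accessibility calls for reducing exposure, one driven by recuperability for better backup and recovery.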
