Focused On Your Success


The All.Net Security Database


Informational Cross Reference
Informational Cross Reference


Informational - also called 'logical' deals with data-driven items, items involving computers or other automated processing equipment, and items related to thought or human information processing.

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Attack78 - breaking key management systems]
    [Attack30 - bribes and extortion]
    [Attack62 - call forwarding fakery]
    [Attack58 - content-based attacks]
    [Attack56 - data aggregation]
    [Attack48 - data diddling]
    [Attack1 - errors and omissions]
    [Attack36 - excess privilege exploitation]
    [Attack18 - fictitious people]
    [Attack64 - illegal value insertion]
    [Attack45 - imperfect daemon exploits]
    [Attack35 - inadequate notice exploitation]
    [Attack86 - inappropriate defaults]
    [Attack63 - input overflow]
    [Attack42 - interrupt sequence mishandling]
    [Attack33 - invalid values on calls]
    [Attack32 - password guessing]
    [Attack51 - PBX bugging]
    [Attack21 - perception management a.k.a. human engineering]
    [Attack66 - privileged program misuse]
    [Attack19 - protection missetting exploitation]
    [Attack60 - restoration process corruption or misuse]
    [Attack90 - strategic or tactical deceptions]
    [Attack47 - viruses]
    [Defense30 - audit analysis]
    [Defense61 - authentication of packets]
    [Defense8 - automated protection checkers and setters]
    [Defense35 - awareness of implications]
    [Defense5 - background checks]
    [Defense33 - capture and punishment]
    [Defense120 - clear line of responsibility for protection]
    [Defense91 - conservative resource allocation]
    [Defense123 - compliance with laws and regulations]
    [Defense96 - content checking]
    [Defense94 - concealed services]
    [Defense99 - deceptions]
    [Defense72 - detailed audit]
    [Defense50 - dynamic password change control]
    [Defense76 - effective protection mind-set]
    [Defense6 - feeding false information]
    [Defense44 - hard-to-guess passwords]
    [Defense56 - fine-grained access control]
    [Defense34 - improved morality]
    [Defense119 - individual accountability for all assets and actions]
    [Defense89 - integrity checking]
    [Defense55 - integrity shells]
    [Defense10 - isolated sub-file-system areas]
    [Defense53 - known-attack scanning]
    [Defense124 - legal agreements]
    [Defense43 - multi-version programming]
    [Defense22 - out-of-range detection]
    [Defense19 - over-damped protocols]
    [Defense98 - perception management]
    [Defense28 - procedures]
    [Defense121 - program change logs]
    [Defense100 - retaining confidentiality of security status information]
    [Defense1 - strong change control]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense20 - temporary blindness]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense24 - training and awareness]
    [Defense95 - traps]
    [Defense9 - trusted applications]
    [Defense97 - trusted system technologies]