Focused On Your Success


The All.Net Security Database


Testing Cross Reference
Testing Cross Reference


Technologies and issues related to how testing may be done.

Testing is the means by which asserted behavior is verified.

Cause/Mechanism:
  • Threat Profiles
  • Attack Methods
  • Defense Methods
    Process:
  • Prevention
  • Detection
  • Reaction
    Impact:
  • Integrity
  • Availability
  • Confidential
  • Use Control
  • Other:
  • Risk Management
  • Database Description

    Domain:
  • Physical
  • Informational
  • Systemic
    Sophistication:
  • Theoretical
  • Demonstrated
  • Widespread
  • Perspectives:
  • Management
  • Policy
  • Standards
  • Procedures
  • Documentation
  • Audit
  • Testing
  • Technical Safeguards
  • Personnel
  • Incident Handling
  • Legal
  • Physical
  • Awareness
  • Training
  • Education
  • Organization
  • Brekne's Mechanistic:
  • Input
  • Output
  • Storage
  • Processing
  • Transmission
  • Brekne's Causal:
  • Accidental
  • Malicious
  • Brekne's Method:
  • Leakage
  • Masquerade
  • Denial
  • Corruption
  • Usage
  • Mental

  • [Defense131 - adversary principle (GASSP)]
    [Defense135 - alarms]
    [Defense62 - analysis of physical characteristics]
    [Defense30 - audit analysis]
    [Defense29 - auditing]
    [Defense8 - automated protection checkers and setters]
    [Defense57 - change management]
    [Defense58 - configuration management]
    [Defense96 - content checking]
    [Defense13 - detection before failure]
    [Defense92 - fire suppression equipment]
    [Defense44 - hard-to-guess passwords]
    [Defense102 - independent computer and tool use by auditors]
    [Defense116 - inspection of incoming and outgoing materials]
    [Defense89 - integrity checking]
    [Defense130 - internal control principle (GASSP)]
    [Defense53 - known-attack scanning]
    [Defense66 - noise injection]
    [Defense22 - out-of-range detection]
    [Defense69 - path diversity]
    [Defense36 - periodic reassessment]
    [Defense25 - policies]
    [Defense28 - procedures]
    [Defense121 - program change logs]
    [Defense104 - protection of data used in system testing]
    [Defense122 - protection of names of resources]
    [Defense70 - quad-tri-multi-angulation]
    [Defense16 - redundancy]
    [Defense101 - regular review of protection measures]
    [Defense23 - reintegration]
    [Defense100 - retaining confidentiality of security status information]
    [Defense140 - searches and inspections]
    [Defense51 - secure design]
    [Defense4 - sensors]
    [Defense133 - simplicity principle (GASSP)]
    [Defense27 - standards]
    [Defense1 - strong change control]
    [Defense117 - suppression of incomplete, erroneous, or obsolete data]
    [Defense52 - testing]
    [Defense128 - timeliness principle (GASSP)]
    [Defense106 - tracking, correlation, and analysis of incident reporting and response information]
    [Defense9 - trusted applications]
    [Defense97 - trusted system technologies]