Phase 3 - Gaining Access
*
Gaining Access refers to the true attack phase. The hacker exploits the system.
*
The exploit can occur over a LAN, locally, Internet, offline, as a deception or theft. Examples include stack-based buffer overflows, denial of service, session hijacking, password filtering etc.
*
Influencing factors include architecture and configuration of target system, skill level of the perpetrator and initial level of access obtained.
*
Business Risk - 'Highest' - The hacker can gain access at operating system level, application level or network level.
*
Gaining Access refers to the true attack phase. The hacker exploits the system.
*
The exploit can occur over a LAN, locally, Internet, offline, as a deception or theft. Examples include stack-based buffer overflows, denial of service, session hijacking, password filtering etc.
*
Influencing factors include architecture and configuration of target system, skill level of the perpetrator and initial level of access obtained.
*
Business Risk - 'Highest' - The hacker can gain access at operating system level, application level or network level.
Comments
Post a Comment