start of threads
This commit is contained in:
parent
754d159d7c
commit
ed759145c7
1 changed files with 49 additions and 13 deletions
|
|
@ -1,31 +1,67 @@
|
||||||
\section{Part 1: Assets and Threats}
|
\section{Part 1: Assets and Threats}
|
||||||
|
|
||||||
|
\subsection{Liste der Assets}
|
||||||
|
|
||||||
\begin{table}[ht]
|
\begin{table}[ht]
|
||||||
\centering
|
\centering
|
||||||
\begin{adjustbox}{width=1\textwidth}
|
\begin{adjustbox}{width=1\textwidth}
|
||||||
\small
|
\small
|
||||||
\begin{tabular}{r|l|l|l|l|l|l|l|l|l|l|l}
|
\begin{tabular}{r|l|l|l|l|l|r|l|l|l|l|l}
|
||||||
\textbf{No} & \textbf{Name} & \textbf{Description} & \textbf{Owner} & \textbf{Maintainer} & \textbf{Location} & \textbf{CIA} & \textbf{PI} & \textbf{Access privs} & \textbf{Category} & \textbf{Asset value} & \textbf{Business criticality} \\
|
\textbf{No} & \textbf{Name} & \textbf{Description} & \textbf{Owner} & \textbf{Maintainer} & \textbf{Location} & \textbf{CIA} & \textbf{PI} & \textbf{Access privs} & \textbf{Category} & \textbf{Asset value} & \textbf{Criticality} \\
|
||||||
\hline
|
\hline
|
||||||
1 & & & & & & & & & & & \\
|
1 & Dashboard & Car dashboard & Driver & A. Name & Car & IA & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
2 & & & & & & & & & & & \\
|
2 & Entertainment & Car entertainment system & Driver & A. Nother & Car & A & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
3 & & & & & & & & & & & \\
|
3 & OTA Server & Server for OTA Updates & IT-Dep & S. Ome & E2, room 44& IA & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
4 & & & & & & & & & & & \\
|
4 & Charging Station & System to handle charging & IT-Dep & B. Ody & Fuel Stations & IA & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
5 & & & & & & & & & & & \\
|
5 & Collaboration & Collaboration code & IT-Dep & T. Is & E2, room 45 & CI & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
6 & & & & & & & & & & & \\
|
6 & Meetings & Online meetings code & Sales/Marketing & I. Sweird & E2, room 46 & CI & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
7 & & & & & & & & & & & \\
|
7 & Online Shop & Buy the car online & Sales/Marketing & A. Ndun & E2, room 47 & IA & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
8 & & & & & & & & & & & \\
|
8 & Client DB & Databas of clients & Sales/Marketing & I. Nspired & E2, room 48 & CIA & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
9 & & & & & & & & & & & \\
|
9 & Service API & Car service API & Service Center & A. Lmost & E2, Car & I & & & & & \\
|
||||||
\hline
|
\hline
|
||||||
10 & & & & & & & & & & & \\
|
10 & Website & Company Website & Sales/Marketing & D. One & E2, room 49 & IA & & & & & \\
|
||||||
\end{tabular}
|
\end{tabular}
|
||||||
\end{adjustbox}
|
\end{adjustbox}
|
||||||
|
\caption{Asset Liste}
|
||||||
|
\label{tab:Asset Liste}
|
||||||
\end{table}
|
\end{table}
|
||||||
|
|
||||||
|
\subsection{Gefahren für Assets}
|
||||||
|
|
||||||
|
8. Client DB:
|
||||||
|
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Diebstahl der Daten aus der Datenbank
|
||||||
|
\item Denial of Service
|
||||||
|
\item Löschen der Datenbank
|
||||||
|
\item Verschlüsselung der Datenbank
|
||||||
|
\item Änderung der Kundendaten
|
||||||
|
\item SQL Injection
|
||||||
|
\item Zugang sperren
|
||||||
|
\item Falsche Daten liefern
|
||||||
|
\item Falsche Daten hinzufügen
|
||||||
|
\item Löschen der Backups
|
||||||
|
\end{enumerate}
|
||||||
|
|
||||||
|
10. Website:
|
||||||
|
|
||||||
|
\begin{enumerate}
|
||||||
|
\item Darstellung falscher Daten
|
||||||
|
\item Injection, z.B. Kontaktformular
|
||||||
|
\item Cross-Site Scripting
|
||||||
|
\item SSRF
|
||||||
|
\item Diebstal der Logs
|
||||||
|
\item Zugriff auf das Hostsystem
|
||||||
|
\item Denial of Service
|
||||||
|
\item DNS flooding
|
||||||
|
\item DNS hijacking
|
||||||
|
\item Domain stehlen
|
||||||
|
\end{enumerate}
|
||||||
|
|
|
||||||
Reference in a new issue