start of threads
This commit is contained in:
parent
754d159d7c
commit
ed759145c7
1 changed files with 49 additions and 13 deletions
|
|
@ -1,31 +1,67 @@
|
|||
\section{Part 1: Assets and Threats}
|
||||
|
||||
\subsection{Liste der Assets}
|
||||
|
||||
\begin{table}[ht]
|
||||
\centering
|
||||
\begin{adjustbox}{width=1\textwidth}
|
||||
\small
|
||||
\begin{tabular}{r|l|l|l|l|l|l|l|l|l|l|l}
|
||||
\textbf{No} & \textbf{Name} & \textbf{Description} & \textbf{Owner} & \textbf{Maintainer} & \textbf{Location} & \textbf{CIA} & \textbf{PI} & \textbf{Access privs} & \textbf{Category} & \textbf{Asset value} & \textbf{Business criticality} \\
|
||||
\begin{tabular}{r|l|l|l|l|l|r|l|l|l|l|l}
|
||||
\textbf{No} & \textbf{Name} & \textbf{Description} & \textbf{Owner} & \textbf{Maintainer} & \textbf{Location} & \textbf{CIA} & \textbf{PI} & \textbf{Access privs} & \textbf{Category} & \textbf{Asset value} & \textbf{Criticality} \\
|
||||
\hline
|
||||
1 & & & & & & & & & & & \\
|
||||
1 & Dashboard & Car dashboard & Driver & A. Name & Car & IA & & & & & \\
|
||||
\hline
|
||||
2 & & & & & & & & & & & \\
|
||||
2 & Entertainment & Car entertainment system & Driver & A. Nother & Car & A & & & & & \\
|
||||
\hline
|
||||
3 & & & & & & & & & & & \\
|
||||
3 & OTA Server & Server for OTA Updates & IT-Dep & S. Ome & E2, room 44& IA & & & & & \\
|
||||
\hline
|
||||
4 & & & & & & & & & & & \\
|
||||
4 & Charging Station & System to handle charging & IT-Dep & B. Ody & Fuel Stations & IA & & & & & \\
|
||||
\hline
|
||||
5 & & & & & & & & & & & \\
|
||||
5 & Collaboration & Collaboration code & IT-Dep & T. Is & E2, room 45 & CI & & & & & \\
|
||||
\hline
|
||||
6 & & & & & & & & & & & \\
|
||||
6 & Meetings & Online meetings code & Sales/Marketing & I. Sweird & E2, room 46 & CI & & & & & \\
|
||||
\hline
|
||||
7 & & & & & & & & & & & \\
|
||||
7 & Online Shop & Buy the car online & Sales/Marketing & A. Ndun & E2, room 47 & IA & & & & & \\
|
||||
\hline
|
||||
8 & & & & & & & & & & & \\
|
||||
8 & Client DB & Databas of clients & Sales/Marketing & I. Nspired & E2, room 48 & CIA & & & & & \\
|
||||
\hline
|
||||
9 & & & & & & & & & & & \\
|
||||
9 & Service API & Car service API & Service Center & A. Lmost & E2, Car & I & & & & & \\
|
||||
\hline
|
||||
10 & & & & & & & & & & & \\
|
||||
10 & Website & Company Website & Sales/Marketing & D. One & E2, room 49 & IA & & & & & \\
|
||||
\end{tabular}
|
||||
\end{adjustbox}
|
||||
\caption{Asset Liste}
|
||||
\label{tab:Asset Liste}
|
||||
\end{table}
|
||||
|
||||
\subsection{Gefahren für Assets}
|
||||
|
||||
8. Client DB:
|
||||
|
||||
\begin{enumerate}
|
||||
\item Diebstahl der Daten aus der Datenbank
|
||||
\item Denial of Service
|
||||
\item Löschen der Datenbank
|
||||
\item Verschlüsselung der Datenbank
|
||||
\item Änderung der Kundendaten
|
||||
\item SQL Injection
|
||||
\item Zugang sperren
|
||||
\item Falsche Daten liefern
|
||||
\item Falsche Daten hinzufügen
|
||||
\item Löschen der Backups
|
||||
\end{enumerate}
|
||||
|
||||
10. Website:
|
||||
|
||||
\begin{enumerate}
|
||||
\item Darstellung falscher Daten
|
||||
\item Injection, z.B. Kontaktformular
|
||||
\item Cross-Site Scripting
|
||||
\item SSRF
|
||||
\item Diebstal der Logs
|
||||
\item Zugriff auf das Hostsystem
|
||||
\item Denial of Service
|
||||
\item DNS flooding
|
||||
\item DNS hijacking
|
||||
\item Domain stehlen
|
||||
\end{enumerate}
|
||||
|
|
|
|||
Reference in a new issue