Ver:
·
Ataque
Medio típico
(acción o acontecimiento) con el que un elemento peligroso realiza sus ataques.
Ejemplos:
·
robo
de soportes informáticos o de documentos;
·
alteración de programas;
·
atentado contra la disponibilidad
del personal;
·
escucha pasiva;
·
inundación;
·
...
[EBIOS:2005]
manner and means, including
the weapon and delivery method, an adversary may use to cause harm on a target
Annotation: Attack method
and attack mode are synonymous.
DHS Risk Lexicon, September
2008
Possible attack of a threat
agent on assets.
Examples:
·
a former
member of the personnel with little technical ability but possibly strong
motivation, deliberately damages the system software by introducing a virus,
taking advantage of the ease of installing harmful programmes on the
organisation's office network; this could affect, for example, the functions
generating estimates or signature certificates;
·
a cracker
with a good level of expertise, standard equipment and paid for his actions,
steals confidential files by remotely accessing the company's network;
·
a
developer or member of the personnel with a very good level of expertise in
source codes but little ISS knowledge deliberately modifies the source code;
·
a visitor
steals equipment containing confidential information;
·
etc.
[EBIOS:2005]
Standard means (action or
event) by which a threat agent carries out an attack.
Examples:
·
theft of
media or documents;
·
software
entrapment;
·
attack on
availability of personnel;
·
passive
wiretapping;
·
flood;
·
etc.
[EBIOS:2005]
Moyen type (action ou
événement) pour un élément menaçant de réaliser une attaque.
Exemples:
·
vol
de supports ou de documents ;
·
piégeage du logiciel ;
·
atteinte
à la disponibilité du personnel ;
·
écoute passive ;
·
crue ;
·
...
[EBIOS:2005]