
Test I Identification

1. Any potential event, malicious or otherwise, that could harm your assets.
2. This could be due to poor design, configuration errors, or unsafe coding
techniques. Weak input validation is an example of an application layer
weakness that can lead to input attacks.
3. An action that exploits a vulnerability or carries out a threat. Examples
include sending malicious input to an app or flooding a network to deny service.
4. A flaw or misconfiguration in the code of a website or web application
that allows an attacker to gain control of the site and possibly the
hosting server.
5. It arises because web applications must interact with multiple users
across multiple networks, and hackers can easily exploit this level of
accessibility.
6. The attacker's use of your application to post damaging things about other people and
organizations is similar to sock puppetry.
7. A small program that automatically installs itself on your computer,
possibly as an attachment to an email message or as part of a
downloaded application.
8. Automated attacks may consist of simply pulling all information from the
screen and then analyzing what has been captured for items of interest
to the attacker.
9. An attacker who is able to exploit a vulnerability in your domain's DNS
servers may be able to substitute her own IP address for yours, routing
any requests for your application to her server.
10. With the popularity of weblogging and message board systems, many
websites now allow their users to keep a journal or post photos. Sites like
these may attract abusers who want to store content without fear of it
being traced back to their own servers—not journal entries or photos,
but illegal or inflammatory content.

Test II Enumeration

1. Anatomy of Attack 1-5


2. Five good habits of a security-conscious developer 1 - 5

1. Threat
2. Vulnerability
3. Attack
4. Web application vulnerability
5. Web application vulnerabilities
6. Defamation
7. Worm/Virus
8. Screen scraping
9. DNS Attack
10. Abuse of Storage
