Register
John is analyzing an attack against his company in which the attacker found comments embedded in HTML code that provided the clues needed to exploit a software vulnerability. Using the STRIDE model, what
62.6k views
2 votes
John is analyzing an attack against his company in which the attacker found comments embedded in HTML code that provided the clues needed to exploit a software vulnerability. Using the STRIDE model, what type of attack did he uncover?

User Shakeisha
by
5.5k points

1 Answer

4 votes

Answer:

Information Disclosure

Step-by-step explanation:

Hello, the fact that the attacker was able to gather information from within the embedded HTML code suggests that the original developer did not properly store information, revealing potential issues or vulnerabilities in his/her design.

The STRIDE model stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.

Using the STRIDE model, one would say this would be a simple information disclosure attack, since the attacker used retrieved information to breach the system.

Cheer.

User GeorgeButter
by
5.4k points
Ask a Question
Welcome to QAmmunity.org, where you can ask questions and receive answers from other members of our community.

6.2m questions

8.2m answers

Other Questions

To group option buttons so that selecting one deselects all of the others, you must make the ____ attribute the same.
Harrison worked on a spreadsheet to show market trends of various mobile devices. The size of the file has increased because Harrison used a lot of graphs and charts. Which file extension should he use
Four different commands and Internet explore and identify their keyboard shortcuts
What is the primary revenue model for an e-distributor?
During which part of geologic time did photosynthesis evolve? A.Hadean B.Archean C.Cambrian D.Cenozoic
Link Copied!