~/Cedric

No robust access control system Vulnerabilities

Password for accessing the system or application changed rarely or not at all Vulnerabilities

No procedure for access to classified information Vulnerabilities

Possibility of the system being subjected to badly formed requests and data (e.g. buffer overflow, denial of service on SMTP, POP3, IMAP server) Vulnerabilities

Media storage not protected Vulnerabilities

Possibility of incorrect configuration, installation or modification of the operating system Vulnerabilities

No means of checking the safety of media when they enter the organisation Vulnerabilities

Obsolete hardware Vulnerabilities

Equipment allowing data to be recorded on media (floppy disc, ZIP disc, CD/DVD writer) Vulnerabilities

Flaws in the physical access boundaries Vulnerabilities

Can unauthorised persons gain direct access? How many barriers are there? Is there an alarm? Visitor reception? Of what quality?