Slide 21 of 37
Notes:
Any successful attack requires some combination of these factors. An excess of one may reduce the requirements for any of the others. Protective measures reduce what is available to the attacker or raise the requirements.
For example, in one attack (by an outside auditor) against one of our clients the success involved work to discover numbers answered by modems and pcAnywhere (special knowledge), access to LANs via pcAnywhere on workstations. More work produced special knowledge about passwords on LAN servers. Attack was discovered when they triggered alarms, i.e., ran out of elapsed time.