The user has sent too many requests in a given amount of time (“rate limiting”).
The response representations SHOULD include details explaining the condition, and MAY include a Retry-After header indicating how long to wait before making a new request.
Cross-layer functions are services that are not tied to a given layer but may affect more than one layer. Some orthogonal aspects, such as management and security, involve all of the layers. These services are aimed at improving the CIA triad—confidentiality, integrity, and availability—of the transmitted data. Cross-layer functions are the norm, in practice, because…
The server does not support the functionality required to fulfill the request. This is the appropriate response when the server does not recognize the request method and is not capable of supporting it for any resource. A 501 response is cacheable by default; i.e., unless otherwise indicated by the method definition or explicit cache controls.
Any potential occurrence that may cause an undesirable or unwanted outcome for an organization or for a specific asset is a threat. Threats can be intentional or accidental. They can originate from people, organizations, hardware, networks, structure, or nature.
The target resource has been assigned a new permanent URI and any future references to this resource ought to use one of the enclosed URIs. Clients with link-editing capabilities ought to automatically re-link references to the effective request URI to one or more of the new references sent by the server, where possible. The server…
The first principle of the CIA Triad is confidentiality. Confidentiality is the concept of protecting data, resources, or objects through a means of secrecy. This security measure means that anyone who is not authorized to access or interact with resources cannot do so. Protection Examples: You can protect your resources by using encryption, access controls,…
An essential part of risk management is identifying and examining threats to better assist senior management with creating or updating security policies within the organization. Below is a (live) list of possible threats to an organization. This can be used as an additional checklist to make sure virtually all areas contain safeguards where needed. Viruses…