An asset is anything in an organization that should be protected. Assets can be very broad and some examples include:
Assets can vary from organization to organization. In theory, anything an organization classifies as important enough to protect, can be labeled as an asset for risk management purposes.
The server understands and is willing to comply with the client’s request, via the Upgrade header field, for a change in the application protocol being used on this connection. The server MUST generate an Upgrade header field in the response that indicates which protocol(s) will be switched to immediately after the empty line that terminates…
Administrative controls are the policies and procedures defined by an organization’s security policy and other regulations or requirements. These controls focus on personnel and business practices. Examples: policies, procedures, hiring practices, background checks, employee training.
The concept of threat modeling is where potential threats are identified, categorized, and analyzed. There are two different ways threat modeling can be performed: proactive and reactive. Proactive threat modeling: performed during the design and development phase. Reactive threat modeling: performed after a product has been created and deployed. Once potential threats are discovered, the…
The server is unwilling to process the request because its header fields are too large. The request MAY be resubmitted after reducing the size of the request header fields. It can be used both when the set of request header fields in total is too large, and when a single header field is at fault….
The method could not be performed on the resource because the server is unable to store the representation needed to successfully complete the request. This condition is considered to be temporary. If the request that received this status code was the result of a user action, the request MUST NOT be repeated until it is…
The server encountered an unexpected condition that prevented it from fulfilling the request.