Description—Specify important information about
the attack, such as why you created the attack object, how the attack
or exploit works, and what specific systems on your network the attack
object is intended to protect. For example, you might want to include
information about the following:
- Specifics about the attack, such as whether it is a buffer overflow,
password exploit, format string attack, or denial of service
- Affected system (hardware, operating system, software
application, or protocol the attack targets)
- Attack mechanism (how the attack works)
- Attack severity (the consequences of a successful attack)
Although a description is not required to create a custom attack
object, adding one is a recommended practice. The description
records important information that you can refer to when you want
to edit the attack object.