1
00:00:00,760 --> 00:00:07,240
One concept you should be familiar with when it comes to the security fundamentals exam is attacks surface

2
00:00:07,330 --> 00:00:08,220
analysis

3
00:00:12,590 --> 00:00:18,450
and attacks surface is all the different ways that an attacker could get into a system and where they

4
00:00:18,450 --> 00:00:19,770
could get data out.

5
00:00:21,320 --> 00:00:30,540
Knowing this information can help developers to properly secure applications to prevent attacks attack

6
00:00:30,540 --> 00:00:37,860
service analysis is usually done by security architects or pen testers and it will identify what parts

7
00:00:37,860 --> 00:00:41,430
of the system need to be tested for security vulnerabilities.

8
00:00:42,210 --> 00:00:49,510
What areas of the code should be considered high risk as well as when you should re-evaluate the application.

9
00:00:51,850 --> 00:00:58,810
Here in this article by O waspish the open web applications curity project has a lot of great information

10
00:00:58,810 --> 00:01:08,160
about defining the attack surface of an application as well as identifying and mapping the attack surface.

11
00:01:08,200 --> 00:01:14,410
If you want to learn more about attack surface concepts I added a link to this article in the resources

12
00:01:14,530 --> 00:01:15,620
for this lecture.