Cornucopia - Ecommerce Website - CR 7

Suit: Cryptography

Card/Value: 7

Description:
Gunter can intercept or modify encrypted data in transit because the protocol is poorly deployed, or weakly configured, or certificates are invalid, or certificates are not trusted, or the connection can be degraded to a weaker or un-encrypted communication.

Technical Note:
Configuration best practice guidance needs to be reviewed periodically, vulnerability announcements monitored, and configuration standards updated.

NB: The key concept for this card is weak configuration rather than missing encryption.

References:
« Previous Card | Cryptography | Next Card »