Test the system for Denial of Service.


CONTROL ID: 01326
CONTROL TYPE: Testing
CLASSIFICATION: Detective

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Perform penetration tests, as necessary. (CC ID: 00655)

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Test web-based applications to ensure they consistently restrict URL access. (§ 5.2.10, Payment Card Industry (PCI) Payment Application Data Security Standard, Version 1.1)
  • For cloud computing application program interfaces, does the Application Program Interface code security testing include Denial of Service? (§ V.1.39.2.6, Shared Assessments Standardized Information Gathering Questionnaire - V. Cloud, 7.0)
  • Did the penetration test work plan include Denial of Service testing? (IT - Pen Test Review Q 7l, Automated Integrated Regulatory Examination System (AIRES) IT Exam Questionnaires, version 073106A)