From d7ae3a43914134563b904409eda23d3e2b198ed5 Mon Sep 17 00:00:00 2001 From: Satoshi SAKAO Date: Thu, 9 Apr 2020 18:00:54 +0900 Subject: [PATCH] fix typo --- .../lessonPlans/en/SqlInjection_introduction_content10.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc index 626a7e3ec..dfc70d2cc 100644 --- a/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc +++ b/webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_introduction_content10.adoc @@ -1,7 +1,7 @@ == Compromising Availability After successfully compromising confidentiality and integrity in the previous lessons, we now are going to compromise the third element of the CIA triad: *availability*. -The are many different ways to violate availability. +There are many different ways to violate availability. If an account is deleted or the password gets changed, the actual owner cannot access it anymore. Attackers could also try to delete parts of the database making it useless or even dropping the whole database. Another way to compromise availability would be to per example revoke access-rights from admins or any other users, so that nobody gets access to (specific parts of) the database.