Description should include the identification of the attack surface as being the sum of the points at which an unauthorized user can attempt to gain access to the system to extract information or disrupt processes.
Description should also include
Process/Skill Questions: