Threat Modeling Concepts and Process Quiz BSIT 4A
Authored by Dyck Robles
Computers
University
Used 2+ times
AI Actions
Add similar questions
Adjust reading levels
Convert to real-world scenario
Translate activity
More...
Content View
Student View
15 questions
Show all answers
1.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
What is threat modeling?
The process of identifying, categorizing, and analyzing potential threats
The process of designing and developing secure systems
The process of testing and patching deployed products
The process of reducing vulnerabilities and risks
2.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
When can threat modeling be performed?
Only during the design and development phase
Only after a product has been deployed
Both during the design and development phase and after deployment
None of the above
3.
MULTIPLE SELECT QUESTION
1 min • 1 pt
What are the goals of Microsoft's Security Development Lifecycle (SDL) process?
To increase the number of security-related design and coding defects
To increase the severity of any remaining defects
To reduce the number of security-related design and coding defects
To reduce the severity of any remaining defects
4.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
What is the proactive approach to threat modeling?
Predicting threats and designing defenses during the coding process
Relying on post-deployment updates and patches to address threats
Crafting updates or patches to be added after deployment
Starting over from scratch to produce better products
5.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
What is the reactive approach to threat modeling?
Predicting threats and designing defenses during the coding process
Relying on post-deployment updates and patches to address threats
Crafting updates or patches to be added after deployment
Starting over from scratch to produce better products
6.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
What is fuzz testing?
A technique to stress software by supplying invalid input
A technique to identify potential attackers and their goals
A technique to identify vulnerabilities in software code
A technique to simulate attacks and analyze their impact
7.
MULTIPLE CHOICE QUESTION
1 min • 1 pt
What are the three approaches to identifying threats?
Focused on assets, focused on attackers, focused on software
Focused on assets, focused on vulnerabilities, focused on countermeasures
Focused on attackers, focused on vulnerabilities, focused on countermeasures
Focused on assets, focused on vulnerabilities, focused on attackers
Access all questions and much more by creating a free account
Create resources
Host any resource
Get auto-graded reports
Continue with Google
Continue with Email
Continue with Classlink
Continue with Clever
or continue with
Microsoft
%20(1).png)
Apple
Others
Already have an account?
