Get all Your Education Homework help from Tutorslite.com
Which is a privacy analog to security threat modeling?
a. Privacy impact statement
b. Disclosure
c. Privacy ratchet
d. Slider
Sending an email with confidential information to the wrong email address is an example of which component of STRIDE?
a. Spoofing
b. Information disclosure
c. Repudiation
d. Elevation of privileges
Failure to review privileges after a corporate reorganization is an example of which component of STRIDE?
a. Elevation of privilege
b. Denial of service
c. Tampering
d. Spoofing
Which of the following steps are not part of developing an attack tree?
a. Create subnodes
b. Decide on representation
c. Attack the system
d. Consider completeness
Forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source is an example of which component of STRIDE?
a. Denial of Service
b. Tampering
c. Spoofing
d. Elevation of privileges
Flooding a website with requests is an example of which component of STRIDE?
a. Elevation of privilege
b. Tampering
c. Spoofing
d. Denial of service
Having no proof after the fact of the principals involved in a transaction is an example of which component of STRIDE?
a. Elevation of privileges
b. Tampering
c. Repudiation
d. Spoofing
Which is a comprehensive dictionary and classification taxonomy of known attacks that can be used by analysts, developers, testers, and educators to advance community understanding and enhance defenses?
a. KUPCHAK
b. CPAP
c. PAYCHECK
d. CAPEC
Modification of a file that is owned by another user is an example of which component of STRIDE?
a. Tampering
b. Elevation of privileges
c. Spoofing
d. Denial of service
What type of an attack tree requires the state of the node to depend on all sub nodes to be true?
a. IIF Tree
b. NEUTRAL Tree
c. AND Tree
d. OR Tree