Threat Modeling Flashcards
What is a threat?
A potential cause of an unwanted incident that may result in harm to a system, individual, or organization.
Can threats only be intentional?
No, threats can also be accidental, circumstantial, due to equipment failure, or natural disasters.
Why is it important to consider all types of threats?
Because readiness is required for all potential threats, not just specific types like malicious attacks.
What is the purpose of threat modeling?
To assess risk by understanding and identifying the various threats to software or systems.
What does the acronym STRIDE stand for?
Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.
What does the STRIDE model help achieve?
It helps identify and categorize various types of threats to assess risk.
What is Spoofing in the STRIDE context?
Pretending to be someone or something else.
What is Tampering in the STRIDE context?
Unauthorized modification or changing of data.
What is Repudiation in the STRIDE context?
Denying that an action was performed when it was.
What is Information Disclosure in the STRIDE context?
Revealing sensitive or protected information to unauthorized parties.
What is Denial of Service in the STRIDE context?
Preventing legitimate users from accessing or using a system or service.
What is Elevation of Privilege in the STRIDE context?
Gaining higher-level access rights or permissions than originally authorized.
What does the acronym PASTA stand for?
Process for Attack Simulation and Threat Analysis.
What is a key characteristic of the PASTA model?
It is risk-centric.
What are the initial steps in the PASTA process?
Define objectives and define the technical scope.
What follows scoping in the PASTA process?
Decomposing (breaking down) the application and analyzing threats to it.
What analysis occurs after identifying threats in PASTA?
Looking for vulnerabilities and analyzing the potential severity or frequency of attacks.
What is the final outcome calculated in the PASTA process?
Risk and impact.
Are STRIDE and PASTA the only threat modeling approaches mentioned?
No, hybrid threat modeling methods are also mentioned.
What framework might hybrid methods use for analysis?
The ‘six Ws’ (who, what, when, where, why, how) to analyze threat actions and results.
What is the name of a tool mentioned for scoring vulnerabilities?
Common Vulnerability Scoring System (CVSS).
What does the Common Vulnerability Scoring System provide?
A standardized way to characterize identified vulnerabilities and assess their severity.
Why is identifying threats considered a fundamental step?
Because one cannot effectively defend against or fight an unknown enemy or threat.
Should threat modeling focus only on one type of attack?
No, it should consider more than just a single type of attack.