Threat Modelling And Intelligence

Question 1

Architecture centric

Answer 1

Threat modeling approach.
How? - question
Identifies system design component strength and weakness. Weakness is patching for exploit

Question 2

Threat intelligence

Answer 2

Is evidence based knowledge about emerging threats what can be used to inform control decisions. Is aggregated from reliable sources and cross-correlated for accuracy, analyzed by trained specialists, assessed for relevancy, actionable where includes context, mechanisms, indicators, implications, response/ remediation advice

Question 3

Threat modeling

Answer 3

Structured process by which potential threats and threat actors can be identified, enumerated and prioritized

Question 4

OSNIT - open source intelligence

Answer 4

Term used to refer to the data collected from publicity, available sources to be used in an intelligence context. OSNIT framework organized is by topics and tools. This framework is structured collection of tools

Question 5

Work factor

Answer 5

The time, effort and resources necessary for the attacker to successfully achieve their objective.

Question 6

CIS-CISA.GOV - cybersecurity and infrastructure security agency

Answer 6

Us gov agency working with government and industry to identify available and prioritize and manage the most significant cybersecurity strategi risks to the nations critical infrastructure

Question 7

Asset-centric

Answer 7

Threat modeling approach,main question is: Why? - identify of valued assets and notification to attack them.

Question 8

Attacker-centric

Answer 8

Threat modeling approach - who can do it? This is an identification of adversaries (opponents).