Week 9 - Cyber Risk Assessment and Threat Modelling Flashcards
Learn how organisations assess threats and the risks they pose to their systems, and how they defend against those threats.
What is threat modeling?
The structured process of determining the threat landscape for a given context. This context could be an application, a system, etc.
What is a threat landscape?
The range of possible attacks that can be present within a given context.
Why is the threat modelling approach better than the ad hoc approach?
Threat modelling is far more structured, whereas an ad hoc approach is more likely to miss particular threats.
What are the 4 parts of the process of threat modelling?
Diagram - what are we building?
Identify threats - what can go wrong?
Mitigate - what will we do about it?
Validate - how did we do?
What might you do during the Diagram step of threat modelling?
Exploring the system, understanding it, and explaining it and its functionality. You might make diagrams of the system, such as class diagrams or data flow diagrams.
What do you do during the identify threats step of threat modelling?
You brainstorm the types of potential threats that might target your system and its vulnerabilities. You might use a framework to structure the discussion about threats, such as STRIDE, the Cyber Kill Chain, attack trees, etc.
What do you do during the mitigate step of threat modelling?
Consider the mitigation techniques you could implement to prevent the threats, then prioritise them and implement them in the system.
What happens during the validation step of threat modelling?
You reflect on and review the fixes deployed in the mitigation step and evaluate their effectiveness. You might revise these mitigations and add new ones if they are not working as well as intended.
What does the STRIDE framework do?
It helps developers determine the common types of potential attacks against their system. These common threat categories are the words that make up the acronym STRIDE.
It is a proactive process for determining potential attacks; it does not help analyse attacks that have already happened.
What does STRIDE stand for?
Spoofing
Tampering
Repudiation
Information disclosure
Denial of service
Elevation (or escalation) of privilege
Define Spoofing in terms of STRIDE, i.e. name the threat, the property it affects, the definition and an example.
Threat - Spoofing
Property - Authentication
Definition - Masquerading as something or someone else
Example - Phishing website or email
What is the data we look at for a given threat using STRIDE?
The threat, the property it affects, the definition of the threat, and an example of the threat.
Define Tampering in terms of STRIDE, i.e. name the threat, the property it affects, the definition and an example.
Threat - Tampering
Property - Integrity
Definition - Unauthorised modification of data
Example - Unauthorised modification of salary in a database
Define Repudiation in terms of STRIDE, i.e. name the threat, the property it affects, the definition and an example.
Threat - Repudiation
Property - Non-Repudiation
Definition - Refusal to accept responsibility for an action
Example - An individual claiming that an email sent from their address was not sent by them
Define Information Disclosure in terms of STRIDE, i.e. name the threat, the property it affects, the definition and an example.
Threat - Information Disclosure
Property - Confidentiality
Definition - Exposure of confidential information to unauthorised parties
Example - Password leaks
Define Denial of Service in terms of STRIDE, i.e. name the threat, the property it affects, the definition and an example.
Threat - Denial of Service
Property - Availability
Definition - Service unavailable to legitimate users when it should be available
Example - Service request floods, e.g. against an HTTPS server