Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Can anyone help with quiz QUESTION 1 The best time to threat model is: At the st

ID: 3733490 • Letter: C

Question

Can anyone help with quiz

QUESTION 1

The best time to threat model is:

At the start of the project

As you work through the features

Both A and B

A but not B

5.00000 points   

QUESTION 2

Which is an audience for external security notes?

Customers

Agents

API Callers

Both A and C

5.00000 points   

QUESTION 3

Good security design involves:

Minimizing risk through appropriate design

Hiring brilliant programmers

Enforcement of the customer/vendor trust boundary

Both A and C

5.00000 points   

QUESTION 4

What is the most important thing that designers of new technology can do?

Isolate their solution from the Internet

Implement SHA-3

Define and communicate trust relationships

Keep their design secret

5.00000 points   

QUESTION 5

The high-trust side of an API needs to do the following:

Perform all security checks inside the trust boundary

Disconnect users after 5 minutes

Both A and B

Neither A nor B

5.00000 points   

QUESTION 6

Which is an approach for mitigating spoofing?

Two-factor authentication

Kerberos authentication

Neither A nor B

Both A and B

5.00000 points   

QUESTION 7

Which is an approach for mitigating tampering?

Tripwire

Reference Monitor

Both A and B

Neither A nor B

5.00000 points   

QUESTION 8

Which is an approach for mitigating repudiation?

IP address geolocation

Device Fingerprinting

Both A and B

IP Sec

5.00000 points   

QUESTION 9

Which is an approach for mitigating Denial of Service?

Stenography

DNS Hosting

Traffic filtering

All of the above

5.00000 points   

QUESTION 10

Which is the best way to address threats to a system?

Custom solutions

IP filtering

Standard, well tested products and features

A but not C

a.

At the start of the project

b.

As you work through the features

c.

Both A and B

d.

A but not B

Explanation / Answer

Solution:

The first four subparts have been answered as per Chegg guidelines, please repost others

1)

c

Explanation:

It is always a good time to start figuring out security vulnerabilities in at the start of the project but you need to consider threat model in between as well.

2)

d. Both A and C

Explanation:

Both the customers and API callers need to learn about the security of the product.

3)

Both A and C
4)

c. Design and communicate trust relationship

5)

c.A

Perform all the security checks inside the trust boundaries.

6)

Both A and B

7)

Tripwire

8)

Both A and B

9)

d

10)

c

I hope this helps if you find any problem. Please comment below. Don't forget to give a thumbs up if you liked it. :)

Related Questions

Can anyone help me with this? The bubble sort algorithm is a very simple but ine
Question #3716307
Can anyone help me with this? here is a file called SimpleSong.java the followin
Question #3605768
Can anyone help me with this? just Activity 1 2 and anything worth up to 7 point
Question #3599622
Can anyone help me with this?Please include citation and need to be in a memo fo
Question #329297
Can anyone help me write a MATLAB CODE which can run both secant method and modi
Question #3110207
Can anyone help me write comments for this code. Fill this code with alot of use
Question #673954
Can anyone help me write the prodcedure for Ohm\'s law lab. Here are the infors
Question #1625375
Can anyone help me write the prodcedure for Ohm\'s law lab. Here are the infors
Question #1638524

Navigate

Previous
Can anyone help with queston 5 steps please? A sample of an unknown material app
Next
Can anyone help with step by step instructions on how to solve. I understand som