Question
We use many different types of risk management methodologies and tools. A part of the process involves identifying the threats to our system, generally by attackers who would harm our systems and data (assets). I've included a project that walks you through a simple threat modeling exercise, using STRIDE, which you will apply using a scenario, to understand the basic process.
1. Read the threat modeling article using STRIDE located at https://www.webtrends.com/blog/2015/04/threat-modeling-with-stride/ and complete a threat model and risk management plan.
Explanation / Answer
Q1) Complete a threat model and risk management plan
Objectives of Threat Modeling - Threat modeling is a procedure for optimizing Network/Application/Internet Security by identifying objectives and vulnerabilities, and then defining countermeasures to prevent, or mitigate the effects of, threats to the system. A threat is a potential or actual undesirable event that may be malicious (such as a DoS attack) or incidental (failure of a storage device). Threat modeling is a planned activity for identifying and assessing application threats and vulnerabilities.
Threat Modeling - Lifecycle Steps - For a threat to an application to exist, there must be a combination of the following where the combined likelihood and impact are important enough to do something about. Following is an outline of a generic methodology for Threat Modeling:
Risk management is defined as the process of identifying, monitoring and managing potential risks in order to minimize the negative impact they may have on an organization. Examples of potential risks include security breaches, data loss, cyber attacks, system failures and natural disasters. An effective risk management process will help identify which risks pose the biggest threat to an organization and provide guidelines for handling them.
The 3 Steps of Risk Management:-
Please let me know in case of any clarifications required. Thanks!