Your company is engineering an information system to support the new business of selling toys online. As a security professional, you are working with the development team to review the design for flaws in the threat modeling process. Which of the following will you LEAST use in the process of identifying potential threats or design flaws?
A. Misuse case
B. STRIDE (Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege)
C. DREAD (Damage, Reproducibility, Exploitability, Affected Users, and Discoverability)
D. CWE (Common Weakness Enumeration)