As the architect of the software development team, you and your team are conducting threat modeling. Which of the following is the first action you should take?
A. Calculate residual risk.
B. Prepare use cases and data flow diagrams.
C. Implement input validation, error handling, and logging.
D. Identify threats per OWASP Top 10 Web Application Security Risks.
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. Prepare use cases and data flow diagrams.
According to the CSSLP CBK, threat modeling can be conducted in the following steps:
- Diagram Application Architecture
Use cases can be used to identify actors, data flow diagrams describe data elements and their flow, and architecture diagrams demonstrate topologies.
- Identify Threats
OWASP Top 10 Web Application Security Risks is a categorized threat list, a common tool used in risk/threat identification.
- Identify, Prioritize & Implement Controls
Input validation, error handling, and logging are countermeasures or controls to mitigate threats. They are implemented after threats are identified.
- Document & Validate
Calculating residual risk is the last step after the countermeasures or controls are implemented.
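The ordering above, as an added example that is not part of the original post or the CSSLP CBK: each later step consumes the output of the one before it, so without a diagram there is nothing to identify threats against. The sample diagram, the trust-boundary flag, the 1-5 scores, the effectiveness values, and the formula residual = risk × (1 − effectiveness) are illustrative assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:                      # one arrow in the data flow diagram
    source: str
    dest: str
    data: str
    crosses_boundary: bool       # assumption: trust boundaries are marked on the DFD

# Step 1 (constructed sample): diagram of a small web application.
DFD = [
    Flow("browser", "web_app", "login form", True),
    Flow("web_app", "database", "SQL query", True),
    Flow("web_app", "log_store", "audit event", False),
]

# Step 2 input: categorized threat list -> (applies-to test, likelihood, impact).
# The applies-to tests and the 1-5 scores are illustrative assumptions.
CATALOG = {
    "Injection": (lambda f: f.crosses_boundary, 4, 5),
    "Security Logging and Monitoring Failures": (lambda f: f.data == "audit event", 3, 3),
}

# Step 3 input: control per category with an assumed effectiveness (0..1).
CONTROLS = {
    "Injection": ("input validation", 0.8),
    "Security Logging and Monitoring Failures": ("logging", 0.5),
}

def identify_threats(dfd):
    """Step 2: threats are found per flow, so an empty diagram yields none."""
    return [(f, cat, lik * imp)
            for f in dfd
            for cat, (applies, lik, imp) in CATALOG.items() if applies(f)]

def plan_controls(threats):
    """Step 3: rank by inherent risk, attach the control for each category."""
    ranked = sorted(threats, key=lambda t: t[2], reverse=True)
    return [(f, cat, risk, *CONTROLS[cat]) for f, cat, risk in ranked]

def residual_risk(plan):
    """Step 4: risk left after controls (assumed: risk * (1 - effectiveness))."""
    return {(f.source, f.dest, cat): round(risk * (1 - eff), 2)
            for f, cat, risk, _ctl, eff in plan}

if __name__ == "__main__":
    for key, rr in residual_risk(plan_controls(identify_threats(DFD))).items():
        print(key, rr)
```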