5. Threat modeling

a) synthesizes an application

b) evaluates risks

c) should be done early in the system development life cycle

d) helps in designing a system

6. When computerizing a new system, threat modeling should be caried out

a) at the systems analysis phase

b) at the design phase

c) at the integration testing phase

d) at the requirement specification phase.

7. A DMZ is

a) a zone in a data center where customers servers are installed

b) an area between the internal and external networks

c) no mans land in cyber warfare

d) a trusted internal network area