Question 19 Match the threat category to its definition. Accidental Discovery Automated Malware The Curious Attacker Script Kiddies The Motivated Attacker Organized Crime A. a
Question 19
Match the threat category to its definition.
|
Accidental Discovery |
Automated Malware |
The Curious Attacker |
Script Kiddies |
The Motivated Attacker |
|
|
10 points
Question 20
Impersonating something or someone else.
spoofing | ||
aliasing | ||
decoy | ||
imposter |
10 points
Question 21
Modifying code or data without authorization.
rendering | ||
modification | ||
meddle | ||
tampering |
10 points
Question 22
NOT (the ability to claim to have not performed some action against an application).
non-repudiation | ||
encryption | ||
debunking | ||
non-exposure |
10 points
Question 23
What does elevation of privilege mean?
the ability of a user to elevate their privileges by signing on to a system with a higher level user | ||
the ability of a user to elevate their privileges with an application without authorization | ||
the ability of a user to elevate their privileges by impersonating someone else | ||
the ability of a user to elevate their privileges by using a man-in-the-middle attack |
10 points
Question 24
What is the name of the Microsoft tool that based upon CISF?
Risk Tracker | ||
WPL | ||
SDL | ||
TAM |
10 points
Question 25
Which is an open source threat modeling tool?
TAM | ||
TRIKE | ||
ThreatMind | ||
CORBA |
10 points
Question 26
What is the name of the threat modeling tool developed by CERT?
CVSS | ||
TRIKE | ||
OCTAVE | ||
AS/NZ 4360 |
10 points
Question 27
Risk is _____ when the risk inherent in the action is illustrated to the user and the user accepts that risk in order to use that feature.
accepted | ||
avoided | ||
transferred | ||
reduced |
10 points
Question 28
The Microsoft SDL tool is based upon the STRIDE approach.
True
False
10 points
Question 29
OWASP recommends Microsofts threat modeling process because it works well for addressing the unique challenges facing web application security and is simple to learn and adopt by designers, developers, code reviewers, and the quality assurance team.
True
False
10 points
Question 30
Using strong cryptography appropriately is believed to be a strong countermeasure to many types of denial of service threats.
True
False
Step by Step Solution
There are 3 Steps involved in it
Step: 1
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started