QUESTION 11 When should you start to threat model in a software development proj

Question

QUESTION 11 When should you start to threat model in a software development project? a. When coding starts b. When the project begins c. When initial coding is complete d. As part of the delivery phase 10.00000 points

QUESTION 12 Which approach to threat modeling is best when time is limited? a. Depth first b. Top down c. Breadth first d. Bottom up 10.00000 points

QUESTION 13 Which attack tree representation generally takes more work but can help the reader to focus their attention better? a. Graphically b. Linear map c. Directed graph d. Outline 10.00000 points

QUESTION 14 Which of the following can have integrity protections applied to them? (choose all that apply) a. Disk b. People c. Network d. Memory 10.00000 points

QUESTION 15 Which of these is NOT a good prioritization strategy? (choose all that apply) a. Wait and see b. Randomly fix issues c. DREAD d. Bug bars

Explanation / Answer

SOLUTIONS :

SOLUTION FOR 11-A:The threat model should start when the architecture is setup in an SDLC Phase.It is a imaginary words.This is an important aspect of a project and should be started as soon as the architecture is setup.

SOLUTION FOR 12-C: When the time is short we need to trace back in breadth first approach.

SOLUTION FOR 13- A: When graphically the tree is represented then it helps the reader to focus on and have a better claity of the information provided.

SOLUTION FOR 14:

Network and Memory need to have integrity protection applied to them.

SOLUTION FOR 15:

Wait and see, Randomly fix issues and Dread are absolutely not good prioritization strategy.

Related Questions

Navigate

• Browse (All)
• Browse Q
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.