1. We use many different types of risk management methodologies and tools. A part of the process...
Question:
1. We use many different types of risk management methodologies and tools. A part of the process involves identifying the threats to our system, generally by attackers who would harm our systems and data (assets). I've included a project that walks you through a simple threat modeling exercise, using STRIDE, which you will apply using a scenario, to understand the basic process.
2. Read the threat modeling article using STRIDE located at and complete a threat model and risk management plan
3. You will create a report for your "boss" identifying the threats to your systems/assets in the scenario, who the attackers are, how they will attack (using STRIDE), and will make recommendations for security controls?
Systems analysis and design in a changing world
ISBN: 978-1423902287
5th edition
Authors: John W. Satzinger, Robert B. Jackson, Stephen D. Burd