1. We use many different types of risk management methodologies and tools. A part of the process involves identifying the threats to our system, generally by attackers who would harm our systems and data (assets). I've included a project that walks you through a simple threat modeling exercise, using STRIDE, which you will apply using a scenario, to understand the basic process.

2. Read the threat modeling article using STRIDE located at and complete a threat model and risk management plan

3. You will create a report for your "boss" identifying the threats to your systems/assets in the scenario, who the attackers are, how they will attack (using STRIDE), and will make recommendations for security controls?

Answer rating: 100% (QA)

Research Management Methodologies Rate the threats Decompose the application Document the threats Identify the threats Create an architecture overview Identify assets An overview of threat model Expla... View the full answer