Question: Activity 5 Specify and address SIX risks. To achieve this, you must review the data flow diagram created in Activity 4 to identify any areas

Activity 5 Specify and address SIX risks. To achieve this, you must review the data flow diagram created in Activity 4 to identify any areas of intentional or unintentional exploitation of the data flows using STRIDE. Identify any conflicts towards security or trust expectations specified in Activity 1. When using STRIDE, this will help you to identify threats and potential vulnerabilities that may be exploited. You are expected to use ONE or more Attacker personas representing a potential attacker exploiting a vulnerability. Provide a name and description for each threat and vulnerability, and provide related details for each (e.g. the attacker, assets of concern, likelihood and severity, etc)- Tip: Align the threats with something like those found in CAPEC or ATT&CK. A threat and vulnerability combination will become a risk, where each risk must be provided with a risk name and description (misuse case). Each of the SIX risks identified should be scored and rated. Apply suitable risk responses for each risk. (Depending on the response, this will relate to a countermeasure supported by a requirement in the Activity 6)

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related Mathematics Questions!

IFSM 461: Systems Analysis and Design Precision Electronic Parts, Inc. Case Study Introduction This case study will be used for a series of staged assignments. It should be thoroughly read and...

Describe the types of cybercrimes facing organizations and critical infrastructures, explain the motives of cybercriminals, and evaluate the financial Explain both low-tech and high-tech methods...

Final Paper Instructions/Guidelines: The final paper must be a minimum of 5 pages and a maximum of 7 pages in APA format. You can find APA guidelines in the Week Six folder under final paper tips....

ACC 640 Keystone Case Study Engagement Overview Keystone Inc., a listed company on a U.S. stock exchange (publicly traded) in the United States, is looking to expand. XBroker was seen as a potential...

***READ THIS FIRST*** I need the questions for Part 1 AND Part 2 answered for this case study. The answers must be well-written, detailed, and must answer each question fully with examples from the...

Public Health Preparedness Capabilities: National Standards for State and Local Planning March 2011 Centers for Disease Control and Prevention Table of Contents Public Health Preparedness...

1.Fraud risks related to Teslas culture, leadership, and governance structure a)How would you describe the tone at the top set by Teslas leader, Elon Musk? How does Musks leadership style and his...

In 2005, in a dramatic move, Standard & Poors Ratings Group, the large financial company that evaluates the riskiness of Companies debt, downgraded its rating of General Motors and Ford Motor Co....

T&C Printing is a stationery store operated in partnership by Tim and Caitlin. The partnership agreement provides the following: an annual salary of $35,000 to Caitlin for working full-time in...

AMAZON COMPANY - A business case that includes a description, type of business, and sources of funding - A profit - and - loss statement for a 3 - year period Project revenue. State realistic...

2023 1040 form 1.Phillip and Claire are married and file a joint return. Phillip is self-employed as a real estate agent, and Claire is a flight attendant. Phillip and Claire have three dependent...