Question 1 The STRIDE threat model is a threat classification system developed by Microsoft that is a useful way of categorizing attacks that arise from deliberate actions Which one is NOT in the model 1 Spoofing identity 2 Tampering with data 3 Repudiation 4 Information disclosure 5 Denial of service 6 Elevation of privilege 7 Evaluation Question 2 Steps in kill chain (i e , steps that an adversary uses to target and engage cyberattack to achieve his or her objective) are 1) , 2) , 3) , 4) , 5) , 6) , and 7) Reconnaissance Weaponization Delivery Exploit Installation Command and control Actions Reconnaissance Evaluation Delivery Exploit Installation Command and control Actions Reconnaissance Weaponization Exploit Installation Delivery Command and control Actions Reconnaissance Delivery Exploit Installation Command and control Actions Evaluation Reconnaissance Weaponization Delivery Exploit Command and control Installation Actions Question 3 Once the risk assessment process is complete, management should have a list of all the threats posed to all assets, with an estimate of the magnitude of each risk The response to the set of identified risks is referred to as risk treatment (or risk response) What are FOUR options for treating risks (or responding to risks) Risk evaluation Risk reduction or mitigation Risk retention Risk allocation Risk avoidance Risk transfer or sharing

The Answer is in the image, click to view ...

Question: Question 1. The STRIDE threat model is a threat classification system developed by Microsoft that is a useful way of categorizing attacks that arise from

Question 1.

The STRIDE threat model is a threat classification system developed by Microsoft that is a useful way of categorizing attacks that arise from deliberate actions. Which one is NOT in the model?

1. Spoofing identity

2. Tampering with data

3. Repudiation

4. Information disclosure

5. Denial of service

6. Elevation of privilege

7. Evaluation

Question 2.

Steps in kill chain (i.e., steps that an adversary uses to target and engage cyberattack to achieve his or her objective) are 1) __________, 2) __________, 3) __________, 4) __________, 5) __________, 6) __________, and 7) __________.


	Reconnaissance; Weaponization; Delivery; Exploit; Installation; Command and control; Actions
	Reconnaissance; Evaluation; Delivery; Exploit; Installation; Command and control; Actions
	Reconnaissance; Weaponization; Exploit; Installation; Delivery; Command and control; Actions
	Reconnaissance; Delivery; Exploit; Installation; Command and control; Actions; Evaluation
	Reconnaissance; Weaponization; Delivery; Exploit; Command and control; Installation; Actions

Question 3.

Once the risk assessment process is complete, management should have a list of all the threats posed to all assets, with an estimate of the magnitude of each risk. The response to the set of identified risks is referred to as risk treatment (or risk response). What are FOUR options for treating risks (or responding to risks)?


	Risk evaluation
	Risk reduction or mitigation
	Risk retention
	Risk allocation
	Risk avoidance
	Risk transfer or sharing

Step by Step Solution

There are 3 Steps involved in it

1 Expert Approved Answer

Step: 1 Unlock blur-text-image

Question Has Been Solved by an Expert!

Get step-by-step solutions from verified subject matter experts

Step: 2 Unlock

Step: 3 Unlock

Students Have Also Explored These Related General Management Questions!

The STRIDE threat model is a threat classification system developed by Microsoft that is a useful way of categorizing attacks that arise from deliberate actions. 1 . Spoofing identity 2 . Tampering...

The STRIDE threat model is a threat classification system that is a useful way of categorizing attacks threat, motivation, mitigation that arise from deliberate actions. 1 . Spoofing identity 2 ....

Please be sure to not copy any answers verbatim. original answers needed will be scanned through the safe-assign system. read the Marketing Debate below What is the Best Way to Position a brand? and...

Structure your organization's work to encourage wise choices. by John Beshears and Francesca Gino Leaders as Decision Architects ALL li"PLOYEES, from CEOs to frontline workers, commit preventab}e...

Can any one help with the Quiz QUESTION 1 What is a vulnerability? a. An attempt to attack some weakness b. Some bad thing that might happen c. A weakness that may be exploited d. The likelihood that...

summary for this article :key theme, major findings, and key implications Harvard Business Review www.hbr.org A classic boxing match offers useful lessons for seizing How to Thrive in opportunities...

J Child Fam Stud (2017) 26:769-780 DOI 10.1007/s10826-016-0589-0 ORIGINAL PAPER A New Measure of the Expression of Shame: The Shame Code Kalee De France1 Dianna Lanteigne1 Jenny Glozman2 Tom...

Strategic Management Frank Rothaermel,6eRelease: 6th Edition Please include a word count of your post (excluding citations and references), no matter whether it is an initial post or a reply, at the...

This question involves the use of AGGREGATE linear PYTHOIN regression on the Auto data set. (a) Perform a simple linear regression with mpg as the response and horsepower as the predictor. Describe...

In this write up, the following should be covered: What is the primary issue facing the firm? What are the secondary issues facing the firm? What is the most appropriate action for the firm? What...

Meiton Company's purchases of materials during March totaled $110,000, and the cost of goods sold for March was $345,000. Factory overhead was 50% of direct labor cost. Other information pertaining...

1. In this case, who is the obligor? 2. Would this assignment substantially change the obligors rights or duties? 3. If the District does not want lottery winners to assign their money, what should...

AICPA professional standards require a public accounting firm to be independent when providing all of the following types of services except: Multiple Choice Financial statement audits Tax...

Case Greenbuilders Pte Lid ("GPL") is a local construction company which specialises in providing bespoke Design and Build construction services for private residential homes that are designed to be...