03 - Threat Modeling

Question 1

What is threat modeling?

Answer 1

A proactive approach to identify, prioritize, and address potential security threats from an attacker’s perspective, analyzing vulnerabilities and planning mitigations early in system design.

Question 2

What are the three main purposes of threat modeling?

Answer 2

1. Understand likely attackers, motives, and targets.
2. Discover vulnerabilities and attack paths.
3. Prioritize defenses by threat relevance and feasibility.

Question 3

Name the four key questions the threat modeling process answers

Answer 3

1. Where are the high-value assets?
2. Where is the system most vulnerable?
3. What threats are most relevant?
4. Are there unnoticed attack vectors?

Question 4

List four benefits of using threat modeling.

Answer 4

1. Early detection of security issues before coding.
2. Clarifies security requirements aligned to business goals.
3. Improves product design and reduces costly redesigns.
4. Exposes hidden issues not found by other tools.

Question 5

What’s the first step in the 4-step threat modeling framework?

Answer 5

“What are you building?” — create diagrams (DFD, system context, architecture) and define trust boundaries.

Question 6

In threat modeling, what does STRIDE stand for?

Answer 6

Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.

Question 7

What’s the second step in the 4-step framework?

Answer 7

“What can go wrong?” — apply STRIDE and/or attack trees to enumerate threats against your diagrams.

Question 8

Give a mitigation strategy from the third step of threat modeling.

Answer 8

Mitigate (reduce likelihood/impact), Eliminate (remove risky feature), Transfer (outsource risk), or Accept (tolerate low/unavoidable risk).

Question 9

What’s the fourth step of threat modeling?

Answer 9

“Did you do a decent job?” — validate diagrams for clarity and completeness, ensure threats are logged, addressed, tested, and resolved

Question 10

Define “Spoofing” in STRIDE.

Answer 10

Pretending to be something or someone you are not.

Question 11

Define “Tampering” in STRIDE.

Answer 11

Modifying something you’re not supposed to modify.

Question 12

Define “Repudiation” in STRIDE.

Answer 12

Claiming you didn’t do something, regardless of whether you did.

Question 13

Define “Information Disclosure” in STRIDE.

Answer 13

Exposing information to unauthorized parties.

Question 14

Define “Denial of Service” in STRIDE.

Answer 14

Attacks designed to prevent a system from providing its services

Question 15

Define “Elevation of Privilege” in STRIDE

Answer 15

Gaining abilities beyond those granted (doing things you shouldn’t be able to).

Question 16

Which security goal corresponds to Spoofing?

Answer 16

Authenticity

Question 17

Which security goal corresponds to Tampering?

Answer 17

Integrity

Question 18

Which security goal corresponds to Repudiation?

Answer 18

Non-repudiation.

Question 19

Which security goal corresponds to Information Disclosure?

Answer 19

Confidentiality

Question 20

Which security goal corresponds to Denial of Service?

Answer 20

Availability

Question 21

Which security goal corresponds to Elevation of Privilege?

Answer 21

Authorization