Scribd Logo
Încărcați

Bine ați venit la Scribd!

  • Last Exercise

    Încărcat de

    Djoanna Marie Tee Vasquez
    4 vizualizări1 pagină
    1. Hazard analysis helps identify potential safety issues in systems to prevent loss of life or injury. Additional tools like the Microsoft Threat Analysis & Modeling Tool help structure threat modeling to iteratively assess vulnerabilities and prioritize security measures. 2. The tool produces useful outputs like access control matrices, data and call flows, and attack surfaces to analyze threats. 3. A hazard is a condition that could lead to an unplanned event, while a threat is a specific type of attack that may cause a risk like lost or destroyed assets.

    Descriere originală:

    Drepturi de autor

    © Attribution Non-Commercial (BY-NC)

    Formate disponibile

    DOCX, PDF, TXT sau citiți online pe Scribd

    Vi se pare util acest document?

    Este necorespunzător acest conținut?

    Raportați acest document
    1. Hazard analysis helps identify potential safety issues in systems to prevent loss of life or injury. Additional tools like the Microsoft Threat Analysis & Modeling Tool help structure threat modeling to iteratively assess vulnerabilities and prioritize security measures. 2. The tool produces useful outputs like access control matrices, data and call flows, and attack surfaces to analyze threats. 3. A hazard is a condition that could lead to an unplanned event, while a threat is a specific type of attack that may cause a risk like lost or destroyed assets.

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    4 vizualizări1 pagină

    Last Exercise

    Încărcat de

    Djoanna Marie Tee Vasquez
    1. Hazard analysis helps identify potential safety issues in systems to prevent loss of life or injury. Additional tools like the Microsoft Threat Analysis & Modeling Tool help structure threat modeling to iteratively assess vulnerabilities and prioritize security measures. 2. The tool produces useful outputs like access control matrices, data and call flows, and attack surfaces to analyze threats. 3. A hazard is a condition that could lead to an unplanned event, while a threat is a specific type of attack that may cause a risk like lost or destroyed assets.

    Drepturi de autor:

    Attribution Non-Commercial (BY-NC)
    Descărcați ca DOCX, PDF, TXT sau citiți online pe Scribd
    Indicator pentru conținut neadecvat
    din 1

    Last Exercise

    1.  Give some examples of systems where inadequate hazard analysis can lead to potential loss of life
    or personal injury.

    What types of additional tooling are necessary for threat modelling?


    2. 
    Threat modeling ensures that your application is as secure as possible by iteratively assessing
    the vulnerabilities in your application to find those that are most dangerous. In this way, you
    can create a prioritized set of countermeasures to measure and contain the risks.

    Microsoft Threat Analysis & Modeling Tool (TAM) allows you to enter application-specific
    information and to produce a feature-rich threat model. Along with automatically identifying
    threats, the tool can produce valuable security artifacts such as:

     Data access control matrix


     Component access control matrix
     Subject-object matrix
     Data Flow
     Call Flow
     Trust Flow
     Attack Surface
     Focused reports

    What is the difference between a hazard and a threat?


    3. 
    Hazard refers to a condition, event, or circumstance that could lead to or contribute to an unplanned or undesired event. On
    the other hand, threat is a type of attack (e.g., service denial) that may cause a potential risk of lost, destroyed, or stolen
    assets.

    S-ar putea să vă placă și