1
Q
Threat Models
A
STRIDE (Microsoft): threat based. threat categories
PASTA: Risk based on value of assets. Uses 7 steps.
VAST: Threat modeling that combines threat and risk management in the Agile programming process.
2
Q
STRIDE 6 Threat classifications
A
Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of privilege
3
Q
PASTA threat classification meanings
A
Process for attack simulation and threat analysis
4
Q
Reduction Analysis
A
Decomposing a system or application into its parts as part of the threat analysis process.
CISSP
flashcards
Decks in class (27)
# Cards
-
Risk Management7
-
Controls6
-
BC/DC4
-
Common Protocols and Ports17
-
Incident Response2
-
Encryption/Cryptography-General20
-
Symmetric Key Cryptography20
-
Security models20
-
Networking General6
-
Protections2
-
Ethics and investigations5
-
Threats4
-
Assessment and Testing8
-
Data Protection Methods5
-
Multi-tasking5
-
SSO Solutions7
-
Secure Network Architecture3
-
Software Development Security6
-
Network Attacks4
-
Software Review Testing4
-
IP Networking2
-
Web Application Vulnerabilities2
-
Controlling and monitoring Access13
-
NIST publications4
-
Malicious code and applications1
-
Physical Security Controls4
-
Governance2
