We use many different types of risk management methodologies and tools. A part of the process involves identifying the threats to our system, generally by attackers who would harm our systems and data (assets). I've included a project that walks you through a simple threat modeling exercise, using STRIDE, which you will apply using a scenario, to understand the basic process. 

1.  Read the threat modeling article using STRIDE located at https://www.webtrends.com/blog/2015/04/threat-modeling-with-stride/ and complete a threat model and risk management plan

2.  Read the attached Project description. you will create a report for your "boss" identifying the threats to your systems/assets in the scenario, who the attackers are, how they will attack (using STRIDE), and will make recommendations for security controls (use your textbook, too).

    • 6 years ago
    COMPLETED ANSWER
    NOT RATED

    Purchase the answer to view it

    blurred-text
    • attachment
      ThreatexposurebyuseofSTRIDE.docx