Security Testing Vs. Threat Modeling
To enhance the security of information systems, enterprises are developing and adopting information system management systems. However, if an information management system is exploited, applications and the data they contain will be compromised. Therefore, it is important to perform comprehensive threat modeling throughout the enterprise.
Assignment1 THREAT MODELING
In your own words explain (a) what is threat modeling, and (b) why it is important for an enterprise to address threat modeling extensively. Please state your answer in a 1-2 page paper in APA format. Include citations and sources in APA style.
Meets or exceeds established assignment criteria 40
Demonstrates an understanding of lesson concepts 20
Clearly presents well-reasoned ideas and concepts 30
Uses proper mechanics, punctuation, sentence structure, spelling and APA structure 10
STRIDE is a model-based threat modeling technique developed by Microsoft. The methodology guides the security analyst through several activities that must be conducted in order for the process to be effective.
For this assignment explain in detail how you would start a threat modeling project. Please provide explanations for each step stated. Please state your answer in a 1-2 page paper in APA format. Include citations and sources in APA style.
Threat modeling and security testing are similar in regard to both serve the purpose of addressing risk, however, both have their own respective specific purpose.
For this assignment identify and explain the key differences between security testing and threat modeling. Please state your answer in a 1-2 page paper in APA format. Include citations and sources in APA style.
In this week’s reading we looked at accounts, identity, authentication, and account recovery. There is an old adage that says, “You can never be too safe. When it comes to the digital world, it’s very true. Cyber hackers and hijackers are lurking everywhere to steal digital information. And while it’s a piece of cake for them to get passwords and other sensitive information, for the rest of us, keeping track of login information is a hassle especially since everything needs its own password. It’s too much and eventually passwords get forgotten.
The week’s reading mentioned various methods of approach to account recovery. In your own words state what approach(s) you believe are the best approaches for account recovery, and how you would apply the approach in an enterprise setting. Please state your answer in a 1-2 page paper in APA format. Include citations and sources in APA style.