Which practice is used to map out potential threats by considering attacker goals, system architecture, and data flow?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $24.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam. Study with comprehensive questions and explanations. Equip yourself with the skills needed for success!

Multiple Choice

Which practice is used to map out potential threats by considering attacker goals, system architecture, and data flow?

Explanation:
Threat modeling identifies and analyzes potential threats by examining attacker goals, how the system is built, and how data moves through it. By outlining who might attack, what assets they want to reach, and where data travels and is stored, you reveal the paths an attacker could take and where security controls are needed. This approach helps you map trust boundaries, data flows, and the overall attack surface, so you can prioritize mitigations effectively. Frameworks like STRIDE guide you to think about different kinds of threats—such as spoofing, tampering, information disclosure, and privilege escalation—within the context of the actual architecture and data movement. In practice, you’d create a clear picture of the system—components, data stores, interfaces, and data flows—and then pair that with attacker goals to identify concrete threats and the controls that would reduce risk. For example, in a web application with user authentication and a database, threat modeling helps you spot where credentials could be stolen, where data could be intercepted, or where access controls might fail, and then you implement protections such as strong authentication, encryption in transit and at rest, input validation, and precise authorization checks. Other options describe related but different activities: risk management is a broader, ongoing process of assessing and mitigating risk across an organization; fuzzing tests how a system handles unexpected input to find vulnerabilities; incident management focuses on detecting, responding to, and recovering from security incidents after they occur.

Threat modeling identifies and analyzes potential threats by examining attacker goals, how the system is built, and how data moves through it. By outlining who might attack, what assets they want to reach, and where data travels and is stored, you reveal the paths an attacker could take and where security controls are needed. This approach helps you map trust boundaries, data flows, and the overall attack surface, so you can prioritize mitigations effectively. Frameworks like STRIDE guide you to think about different kinds of threats—such as spoofing, tampering, information disclosure, and privilege escalation—within the context of the actual architecture and data movement.

In practice, you’d create a clear picture of the system—components, data stores, interfaces, and data flows—and then pair that with attacker goals to identify concrete threats and the controls that would reduce risk. For example, in a web application with user authentication and a database, threat modeling helps you spot where credentials could be stolen, where data could be intercepted, or where access controls might fail, and then you implement protections such as strong authentication, encryption in transit and at rest, input validation, and precise authorization checks.

Other options describe related but different activities: risk management is a broader, ongoing process of assessing and mitigating risk across an organization; fuzzing tests how a system handles unexpected input to find vulnerabilities; incident management focuses on detecting, responding to, and recovering from security incidents after they occur.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy