5. Application Security

Threat Modeling — Quiz

Test your understanding of threat modeling with 5 practice questions.

Practice Questions

Question 1

Which risk assessment technique uses the factors Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability to quantify threat risk?

Question 2

Which mitigation control is most appropriate to address Repudiation threats in STRIDE-based threat modeling?

Question 3

In an attack tree, which logical operator indicates that all child events must occur to satisfy the parent goal?

Question 4

In an attack tree, the root node "Compromise Server" has two child nodes combined by an AND operator: "Gain User-Level Access" and "Disable Logging". "Gain User-Level Access" further splits into two child nodes with an OR operator: "Exploit Vulnerability" and "Brute-Force Credentials". How many distinct attack paths to compromise the server exist?

Question 5

A security analyst discovers a vulnerability that allows attackers to escalate privileges by exploiting a misconfigured service. Under which STRIDE category does this threat fall?