Top 25+ Application Threat Modeling MCQ Interview Questions and Answers 2021

Top 25+ Application Threat Modeling MCQ Questions and Answers

Q1. An action that harms an asset is ________.



Q2. The number of distinct symbols that can be used in DFDs is __________.

(3)Depends on the application


Q3. The output of the threat modeling process is a _________ which details out the threats and mitigation steps.



Q4. Which of the following threat can be handled using access control?

(1)Information Disclosure
(3)Denial of Service
(4)Elevation of privilege
(5)All the options

Answer:-(5)All the options

Q5. The theft of intellectual property is a threat to information security.



Q6. _________ is a medium that allows data to flow between domains of trust.

(1)Data Flow
(2)Data Store
(3)Trust boundary
(4)Attack Vector

Answer:-(3)Trust boundary

Q7. Denial of Service hinders _________.



Q8. Process Flow Diagrams are used by ___________.

(1)Application Threat Models
(2)Operational Threat Models

Answer:-(1)Application Threat Models

Q9. Which of the following security property does Tampering violate?



Q10. The following is a part of a threat model, except _________.

(1)Mitigation steps for each threat
(2)Implementation of processes
(3)A list of potential threats
(4)Analysis of actions taken

Answer:-(2)Implementation of processes

Q11. Which of the following is a tangible asset?

(1)Brand Reputation
(2)Data on a database

Answer:-(2)Data on a database

Q12. DREAD model can be used for ________.

(1)Identifying threats
(2)Rating threats
(3)Identifying assets

Answer:-(2)Rating threats

Q13. Which among the following methodologies distinguishes the security concerns of development from those of the infrastructure team?



Q14. Identty theft is an example of __________.



Q15. Which of the following issues can be addressed using an efficient logging system?

(4)Denial of Service


Q16. Microsoft’s Threat Modeling tool uses __________ threat classification scheme.



Q17. Multifactor authentication can be used to handle _________.



Q18. Which of the following are the advantages of threat modeling?

(1)Helps engineer and deliver better products
(2)Helps find security bugs early
(3)All the options
(4)Helps understand security requirements

Answer:-(3)All the options

Q19. Choose the correct option.

(1)Threat = Risk * Vulnerability
(2)Threat = Vulnerability * Attack
(3)Risk = Threat * Loss
(4)Risk = Threat * Vulnerability

Answer:-(4)Risk = Threat * Vulnerability

Q20. A ‘requirements model’ is the foundation of the __________ methodology.



Q21. ________ generates a map that illustrates how the user moves through various features of the application.

(1)Process Flow Diagram
(2)Sequence Diagram
(3)Data Flow Diagram
(4)Entity Diagram

Answer:-(1)Process Flow Diagrams

Q22. Which of the following best describes the threat modeling process?

(3)Seldom refined


Q23. It is better to perform threat modeling from the early stages of the SDLC.



Top 100+ Ethical hacking MCQ and Interview questions and answers

Latest HTML & CSS MCQ and Interview Questions and Answers

Leave a Comment