CISSP - Security and Risk Management - Section 1.10

Understand and apply threat modeling concepts and methodologies.

Apply threat modelling methodologies such as STRIDE to systematically enumerate threats against a system by mapping threat actors to the attack surface. Use findings to drive prioritised mitigations, distinguishing between threats that require architectural changes and those addressed by operational controls.

Examworthy is not affiliated with or endorsed by (ISC)2. Original, blueprint-aligned practice material only.