Flashcards covering key concepts and terminology related to threat modeling, including the STRIDE and PASTA methods.
Threat Modeling
The systematic identification, enumeration, and prioritization of threats related to an asset.
STRIDE
A threat modeling methodology developed by Microsoft that stands for Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
Spoofing
An attack where an attacker pretends to be someone else to gain unauthorized access, violating authentication.
Tampering
Modification of data at rest or in transit by an attacker, violating integrity.
Repudiation
An attack where an action is performed on the system that cannot be attributed to the attacker, violating non-repudiation.
Information Disclosure
An attack where an attacker gains access to information they should not, violating confidentiality.
Denial of Service (DoS)
An attack that prevents authorized users from accessing a system or resource, violating availability.
Elevation of Privilege
An attack to gain elevated access from regular user level to root or administrative level, violating authorization.
PASTA
The Process for Attack Simulation and Threat Analysis, a risk-centric approach to threat modeling that considers business aspects of a system.
Objectives (in PASTA)
The initial phase in the PASTA method where the goals of the threat analysis are defined.
Application Decomposition
A step in PASTA where the system is broken down into its components for analysis.
Risk and Impact Analysis
A step in the PASTA methodology that assesses the potential risks and impacts of identified threats.
Comparison of STRIDE and PASTA
Use STRIDE for quicker, simpler analyses; use PASTA for thorough, risk-based analyses that consider both technical and business perspectives.