Home
Recent Q&A
Java
Cloud
JavaScript
Python
SQL
PHP
HTML
C++
Data Science
DBMS
Devops
Hadoop
Machine Learning
Azure
Blockchain
Devops
Ask a Question
Threat Modeling Interview Questions and Answers
Home
Questions
Threat Modeling
0
votes
Q: Select the Correct statement.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
ssa
authorization
0
votes
Q: The _______ approach to validation only permits characters/ASCII ranges defined within a white-list.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
#validations
threat-modeling
ssa
ascii-range
0
votes
Q: CAPTCHA is used as remediation for which of the following attacks?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
captcha-authentication
remediation
security-attacks
0
votes
Q: What are the popular threat modeling techniques? A) Entry point identification b) Privilege boundaries c) Threat trees d) Flooding
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling-techniques
threat-modeling
threat-trees
0
votes
Q: Identify Correct statement:
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
ssa
sql-injection-attack
0
votes
Q: State True or False: Maintenance (Operational) Security is not required if software is developed securely.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
secure-software
security
0
votes
Q: What is Single Sign-Off?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
#single-sign-off
sso
sso-authentication
0
votes
Q: Security code review should be done throughout the SDLC.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
#security-code
sdlc-security-code-review
ssa
0
votes
Q: Which of the following is correct description for “Accountability” attribute?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
authorization
accountability
security-accountability
0
votes
Q: Which vulnerability can lead to Denial of Service attack?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
denial-of-service-attack
dos-attack
ssa
0
votes
Q: SSA takes care of the threats to the systems and softwares from?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
ssa
threats
security-threats
0
votes
Q: Why is it not a good idea to include readymade code from Google search into the customer application deliverables even though it may save a lot of time and cost for the project?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
google-search
threat-modeling
ssa
0
votes
Q: The following can be classified as which kind of threat as per Microsoft STIDE threat classification model? ‘Modifying a DLL on disk or DVD, or packet as it traverses the LAN;.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
spoofing
security
ssa
0
votes
Q: Identify reasons why TCS has adopted data protection program 1. Customer and market expectations 2. Competitive Differentiation 3. Risk Landscape 4. Legal Obligation
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
protection-program
security
threat
0
votes
Q: State True or False: It is not a responsibility of a supplier to deliver secure software.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
ssa
secure-software
0
votes
Q: Which of the following is used to retain integrity in a software?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
software-integrity
software-security
ssa
0
votes
Q: What is Single Sign-On (SSO)?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
single-sign-on
sso
threat-modeling
0
votes
Q: Which of the following information item holds highest critically from confidentiality perspective?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
confidential-information
security
ssa
0
votes
Q: State True or False: Security Testing Test Cases play crucial & essential part of Security Testing.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
security-testing
threat-modeling
testcases
0
votes
Q: Spoofing hampers which of the following Security foundations?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
spoofing
threat-modeling
ssa
0
votes
Q: While performing threat modeling for an application design, which of the following is the formula for calculating Risk Score?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
threat-application-design
risk-score
ssa
0
votes
Q: Which of the following statements is NOT true regarding error handling and Logging?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
error-handling
error-logging
ssa
0
votes
Q: SAML uses _________ for token exchange
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
saml-token
saml-token-exchange
saml
security-service
ssa
0
votes
Q: Threat Modeling process can : a)Identify threats b) Provide countermeasures c) Stop threats from happening (Real Time) d) Help in flawless coding
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
threat-modeling-process
0
votes
Q: In a typical SSO solution, What is a “Service provider”
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
sevice-provider
sso-solution
security-provider
0
votes
Q: Both Digital Signature & Message Authentication code (MAC) provides authentication.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
digital-signature
message-authentication-code
mac
ssa
0
votes
Q: State the Correct statement.
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
#software-security-education
ssa
security-education
0
votes
Q: Team must monitor for libraries and components that are unmaintained or do not create security patches for older versions
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
monitor-libraries
security-information
database-security
components-security
0
votes
Q: Which type of vulnerability allows an attacker to execute a malicious script in a user browser?
answered
Mar 18, 2021
in
Threat Modeling
by
sharadyadav1986
vulnerability-type
malicious
script
ssa
0
votes
Q: Threat-methodology-that-is-most-effective-to-create-a-risk-aware-corporate-culture-is-__________.
answered
Mar 17, 2021
in
Threat Modeling
by
sharadyadav1986
threat-modeling
threat-methodology
To see more, click for all the
questions in this category
.
...