Cybersecurity Threat Modeling
18 Questions

Questions and Answers

What does the acronym STRIDE in threat modeling represent?

  • Substituting, Tampering, Rejection, Information loss, Denial, Elevation
  • Spoofing, Tolerance, Revocation, Infiltration, Disruption, Escalation
  • Surveillance, Tampering, Response, Information integrity, Denial, Exploitation
  • Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege (correct)

Which strategy is NOT a method for mitigating the threat of tampering with data?

  • Employing multi-factor authentication
  • Implementing strong access controls
  • Regular data backups (correct)
  • Using encryption like HTTPS

What is the most effective way to prevent spoofing of identity in a system?

  • Provide user training on password security
  • Use multi-factor authentication (MFA) (correct)
  • Install antivirus programs
  • Regularly update software

In the context of threat modeling, what does repudiation refer to?

  • A user denies performing an action taken in a system. (B)

What type of threat is characterized by a system becoming unavailable due to excessive requests?

  • Denial of Service (DoS) (B)

Which of the following techniques primarily addresses the threat of information disclosure?

  • Encrypting sensitive data (A)

What should management do to effectively protect its information against various threats?

  • Inform themselves about different types of threats (A)

Which mitigation technique is suggested to address denial of service (DoS) attacks?

  • Rate limiting (D)

What is elevation of privilege in the context of secure programming?

  • A user gains higher privileges than allowed. (D)

Which of the following is NOT recommended to mitigate elevation of privilege?

  • Giving every user admin rights for convenience. (C)

What is an attack surface?

  • Different points an unauthorized user can exploit. (A)

What is the first step in the attack surface mapping process?

  • Listing all components. (D)

When rating attack vectors, which example describes a high priority rating?

  • SQL Injection (high impact, easy to exploit). (D)

Which component does NOT typically interact in an architecture diagram during attack surface mapping?

  • Network firewall. (D)

Which of the following is a method to identify attack vectors?

  • Identifying SQL Injection through user input. (B)

Which statement is true regarding attack surface mapping?

  • It includes drawing diagrams to represent component interactions. (C)

Which of the following attack vectors is rated as medium priority?

  • Cross-Site Scripting. (C)
  • Man-in-the-middle attack. (D)

What is one common source of input for attack surfaces?

  • Hardware inputs. (D)

Flashcards

Threat

An object, person, or entity that could harm a system or asset.

Threat Modeling

Identifying potential threats by examining possible use cases.

STRIDE

A threat modeling framework with six categories of attacks.

Spoofing

Pretending to be someone else to gain access.

Tampering

Altering data in transit.

Repudiation

Denying an action without proof.

Information Disclosure

Revealing sensitive data to unauthorized people.

Denial-of-Service (DoS)

Making a system unavailable by overwhelming it.

Elevation of Privilege

Gaining higher permissions than allowed.

Attack Surface

Points where an attacker can potentially breach a system.

Attack Vector

Specific way to attack a system or asset.

Attack Surface Mapping

Creating a diagram to see potential attack points.

Multi-factor Authentication (MFA)

Security method needing multiple forms of authentication.

Encryption

Protecting data by converting it to an unreadable format.

Secure Logging

Tamper-proof records of system activity.

Role-Based Access Control (RBAC)

Managing access based on roles, not individual accounts.

SQL Injection

Manipulating SQL queries to gain unauthorized access.

Cross-Site Scripting (XSS)

Injecting malicious scripts into web pages.

Study Notes

Threats

  • A threat is an object, person, or entity that may pose danger to a system or asset.
  • Management must be informed about diverse threats to effectively protect information through policies, training, and technical controls.

Threat Modeling

  • Threat modeling is a process of identifying potential threats through theoretical use cases.
  • The Microsoft STRIDE model covers six categories of attacks: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, and Elevation of Privilege.
  • Threat modeling requires an understanding of assets and vulnerabilities.

STRIDE Threat Modeling

  • Spoofing of Identity: An attacker pretends to be a legitimate user by stealing credentials (e.g., phishing attacks).
    • Mitigation: Implement multi-factor authentication (MFA).
  • Tampering with Data: An attacker intercepts and modifies data in transit (e.g., changing a bank transaction amount).
    • Mitigation: Utilize encryption (like HTTPS) for secure data transmission.
  • Repudiation: An attacker denies performing an action without leaving any traceable proof.
    • Mitigation: Implement secure logging that is tamper-proof to maintain evidence.
  • Information Disclosure: Sensitive information is exposed to unauthorized individuals (e.g., data breaches).
    • Mitigation: Encrypt sensitive data and apply access controls.
  • Denial of Service (DoS): The system becomes unavailable due to an overload of requests (e.g., DDoS attacks).
    • Mitigation: Employ rate limiting and web application firewalls to prevent overwhelming traffic.
  • Elevation of Privilege: An attacker gains higher system permissions than authorized (e.g., a normal user becomes an administrator).
    • Mitigation: Implement role-based access control (RBAC) and limit privilege escalation paths.

Attack Surface Mapping

  • An attack surface comprises various points where an unauthorized user can infiltrate a system, network, or solution.
  • Each attack surface has its associated risk, likelihood, and impact.
  • Sources of attack vectors can be hardware, software/firmware, or communication channels.
  • Mapping attack surfaces involves creating an architecture diagram to identify and prioritize attack vectors.
    • Priority is determined by the ease of exploitation and the potential impact.

Steps in Attack Surface Mapping Process

  • Listing All Components: Identify components like web servers, application servers, database servers, user interfaces (UI), and third-party APIs.
  • Preparing an Architecture Diagram: Depict how components communicate (e.g., web server to application server, application server to database, external APIs).
  • Labeling Components & Communication: Label each interaction (e.g., HTTP requests, SQL queries, API requests).
  • Identifying Attack Vectors: Identify potential attack points (e.g., SQL injection, cross-site scripting (XSS), man-in-the-middle attacks).
  • Rating Attack Vectors: Assign priority to each attack vector based on impact and ease of exploitation.
    • High priority: SQL Injection (high impact, easy to exploit)
    • Medium priority: Cross-Site Scripting (medium impact, moderate difficulty)
    • Medium priority: Man-in-the-middle attack (high impact, harder to exploit)

Related Documents

SP_slides_5_unlocked.pdf

Description

Explore the concept of threats and the importance of threat modeling in cybersecurity. Learn about the Microsoft STRIDE model and how to identify and mitigate potential threats to information systems. This quiz will enhance your understanding of how to protect assets effectively.