1. The threat modelling phase where applications are decomposed and their entr

1. 1. The threat modelling phase where applications are decomposed and their
2. entry points are reviewed from an attacker’s perspective known as ______________
3. a.thread identification
4. b.impact analysis
5. c.attack surface evaluation
6. d.thread classification
7.  
8. 2.Which of the following authentication mechanisms does J2EE support
9. a. Http Basic. Form Based. Client/server Mutual. Role Based Authentication
10. b. Windows Basic. Form Based. Client/server Mutual. Role Based Authentication
11. c. Http Basic. Form Based. Client/server Mutual. HTTP Digest Authentication
12. d. Role Based. Http Basic. Windows. HTTP Digest Authentication
13.  
14. 3. Which of the following relationship is used to describe security use case scenario?
15. A. Extend Relationship
16. B. Mitigates Relationship
17. C. Threatens Relationship
18. D. Include Relationship
19.  
20. 4. Identify the formula for calculating the risk during threat modelling.
21. a) RISK=PROBABILITY*VULNERABILITY
22. b) RISK=PROBABILITY*Attack
23. c) RISK=PROBABILITY*ASSETS
24. d) RISK=PROBABILITY*DAMAGE POTENTIAL
25.  
26. Which of the following relationship is used to describe abuse case scenarios?
27.  
28. A. Extend Relationship
29. B. Mitigates Relationship
30. C. Include Relationship
31. D. Threatens Relationship
32.  
33. Which of the risk assessment model is used to rate the threats-based risk to the application during threat modelling process?
34. a.DREAD
35. b.SMART
36. c.RED
37. d.STRIDE