Bird
0
0

During threat modeling, a team incorrectly classifies a data leak as a 'Denial of Service' threat in STRIDE. What is the main problem?

medium📝 Analysis Q7 of 15
Cybersecurity - Security Architecture and Design
During threat modeling, a team incorrectly classifies a data leak as a 'Denial of Service' threat in STRIDE. What is the main problem?
ADenial of Service includes data leaks
BMisclassification leads to wrong mitigation strategies
CData leaks are not security threats
DSTRIDE does not cover data-related threats
Step-by-Step Solution
Solution:

  1. Step 1: Understand correct STRIDE categories

    Data leaks fall under Information Disclosure, not Denial of Service.

  2. Step 2: Consequence of misclassification

    Wrong classification causes the team to choose ineffective security controls.

  3. Final Answer:

    Misclassification leads to wrong mitigation strategies -> Option B

  4. Quick Check:

    Correct classification guides proper defense [OK]
Quick Trick: Classify threats correctly to fix them right [OK]
Common Mistakes:
MISTAKES
  • Thinking Denial of Service covers data leaks
  • Ignoring importance of correct threat category
  • Assuming data leaks are not threats

Want More Practice?

15+ quiz questions · All difficulty levels · Free

Free Signup - Practice All Questions
More Cybersecurity Quizzes
Advanced Threat Protection - Sandbox environments - Quiz 8hard Compliance and Governance - SOC 2 compliance - Quiz 14medium Compliance and Governance - Risk assessment methodologies - Quiz 7medium Compliance and Governance - SOC 2 compliance - Quiz 8hard Compliance and Governance - Risk assessment methodologies - Quiz 6medium Compliance and Governance - Why compliance frameworks guide security - Quiz 9hard Emerging Security Topics - Supply chain security - Quiz 14medium Emerging Security Topics - Bug bounty programs - Quiz 5medium Emerging Security Topics - Bug bounty programs - Quiz 6medium Incident Response - Containment strategies - Quiz 9hard