Assignments
To enhance the security of information systems, enterprises are developing and adopting information system management systems. However, if an information management system is exploited, applications and the data they contain will be compromised. Therefore, it is important to perform comprehensive threat modeling throughout the enterprise.
Assignment 1: THREAT MODELING
In your own words explain (a) what is threat modeling, and (b) why it is important for an enterprise to address threat modeling extensively. State your answer in a 1-2 page paper in APA format.
Meets or exceeds established assignment criteria
Demonstrates an understanding of lesson concepts
Clearly presents well-reasoned ideas and concepts
Uses proper mechanics, punctuation, sentence structure, spelling and APA structure.
Assignment 2: Threat Modeling Project
STRIDE is a model-based threat modeling technique developed by Microsoft. The methodology guides the security analyst through several activities that must be conducted in order for the process to be effective.
For this assignment explain in detail how you would start a threat modeling project. Please provide explanations for each step stated. Please state your answer in a 1-2 page paper in APA format. Include citations and sources in APA style.
Assignment 3: Security Testing Vs. Threat Modeling
Threat modeling and security testing are similar in regard to both serve the purpose of addressing risk, however, both have their own respective specific purpose.
For this assignment identify and explain the key differences between security testing and threat modeling.
Assignment 4: Secret Questions
In this reading we looked at accounts, identity, authentication, and account recovery. There is an old adage that says, "You can never be too safe. When it comes to the digital world, it's very true. Cyber hackers and hijackers are lurking everywhere to steal digital information. And while it's a piece of cake for them to get passwords and other sensitive information, for the rest of us, keeping track of login information is a hassle especially since everything needs its own password. It's too much and eventually passwords get forgotten.
The reading mentioned various methods of approach to account recovery. In your own words state what approach(s) you believe are the best approaches for account recovery, and how you would apply the approach in an enterprise setting. Please state your answer in a 1-2 page paper in APA format.
Format your assignment according to the following formatting requirements:
1. The answer should be typed, double spaced, using Times New Roman font (size 12), with one-inch margins on all sides.
2. The response also include a cover page containing the title of the assignment, the student's name, the course title, and the date. The cover page is not included in the required page length.
3. Also Include a reference page. The Citations and references should follow APA format. The reference page is not included in the required page length.