nerdexam
Isaca

CDPSE · Question #186

Which of the following BEST represents privacy threat modeling methodology?

The correct answer is B. Systematically eliciting and mitigating privacy threats in a software architecture. Privacy threat modeling (e.g., using the LINDDUN framework) is a structured, proactive methodology applied to software architecture to systematically identify where privacy threats exist in the system design and then define mitigations. 'Systematically eliciting' captures the str

Privacy Architecture

Question

Which of the following BEST represents privacy threat modeling methodology?

Options

  • AMitigating inherent risks and threats associated with privacy control weaknesses
  • BSystematically eliciting and mitigating privacy threats in a software architecture
  • CReliably estimating a threat actor's ability to exploit privacy vulnerabilities
  • DReplicating privacy scenarios that reflect representative software usage

How the community answered

(49 responses)
  • A
    6% (3)
  • B
    88% (43)
  • C
    4% (2)
  • D
    2% (1)

Explanation

Privacy threat modeling (e.g., using the LINDDUN framework) is a structured, proactive methodology applied to software architecture to systematically identify where privacy threats exist in the system design and then define mitigations. 'Systematically eliciting' captures the structured enumeration of threat categories across data flows, processes, and stores in the architecture. Option A describes risk management of existing control weaknesses, not threat modeling. Option C describes threat intelligence and exploit estimation. Option D describes usability or QA testing through scenarios-not threat modeling.

Topics

#Privacy Threat Modeling#Software Architecture#Threat Identification#Risk Mitigation

Community Discussion

No community discussion yet for this question.

Full CDPSE Practice