CDPSE · Question #186
Which of the following BEST represents privacy threat modeling methodology?
The correct answer is B. Systematically eliciting and mitigating privacy threats in a software architecture. Privacy threat modeling (e.g., using the LINDDUN framework) is a structured, proactive methodology applied to software architecture to systematically identify where privacy threats exist in the system design and then define mitigations. 'Systematically eliciting' captures the str
Question
Which of the following BEST represents privacy threat modeling methodology?
Options
- AMitigating inherent risks and threats associated with privacy control weaknesses
- BSystematically eliciting and mitigating privacy threats in a software architecture
- CReliably estimating a threat actor's ability to exploit privacy vulnerabilities
- DReplicating privacy scenarios that reflect representative software usage
How the community answered
(49 responses)- A6% (3)
- B88% (43)
- C4% (2)
- D2% (1)
Explanation
Privacy threat modeling (e.g., using the LINDDUN framework) is a structured, proactive methodology applied to software architecture to systematically identify where privacy threats exist in the system design and then define mitigations. 'Systematically eliciting' captures the structured enumeration of threat categories across data flows, processes, and stores in the architecture. Option A describes risk management of existing control weaknesses, not threat modeling. Option C describes threat intelligence and exploit estimation. Option D describes usability or QA testing through scenarios-not threat modeling.
Topics
Community Discussion
No community discussion yet for this question.