nerdexam
(ISC)2

CISSP · Question #360

Attack trees are MOST useful for which of the following?

The correct answer is C. Enumerating threats. Attack trees are most useful for enumerating threats. Attack trees are graphical models that represent the possible ways that an attacker can exploit a system or achieve a goal. Attack trees consist of nodes that represent the attacker's actions or conditions, and branches that r

Submitted by akirajp· Mar 5, 2026Security and Risk Management

Question

Attack trees are MOST useful for which of the following?

Options

  • ADetermining system security scopes
  • BGenerating attack libraries
  • CEnumerating threats
  • DEvaluating Denial of Service (DoS) attacks

How the community answered

(20 responses)
  • A
    5% (1)
  • B
    5% (1)
  • C
    90% (18)

Explanation

Attack trees are most useful for enumerating threats. Attack trees are graphical models that represent the possible ways that an attacker can exploit a system or achieve a goal. Attack trees consist of nodes that represent the attacker's actions or conditions, and branches that represent the logical relationships between the nodes. Attack trees can help to enumerate the threats that the system faces, as well as to analyze the likelihood, impact, and countermeasures of each threat. Attack trees are not useful for determining system security scopes, generating attack libraries, or evaluating DoS attacks, although they may be used as inputs or outputs for these

Topics

#Attack trees#Threat modeling#Vulnerability analysis#Risk assessment

Community Discussion

No community discussion yet for this question.

Full CISSP Practice