nerdexam
(ISC)2

CISSP · Question #549

What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities?

The correct answer is C. Threat modeling. Threat modeling is the testing technique that enables the designer to develop mitigation strategies for potential vulnerabilities. Threat modeling is a method of identifying, analyzing, and prioritizing the threats and vulnerabilities that may affect a system or an application. T

Submitted by obi.ng· Mar 5, 2026Software Development Security

Question

What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities?

Options

  • AManual inspections and reviews
  • BPenetration testing
  • CThreat modeling
  • DSource code review

How the community answered

(24 responses)
  • A
    4% (1)
  • C
    92% (22)
  • D
    4% (1)

Explanation

Threat modeling is the testing technique that enables the designer to develop mitigation strategies for potential vulnerabilities. Threat modeling is a method of identifying, analyzing, and prioritizing the threats and vulnerabilities that may affect a system or an application. Threat modeling can help the designer to understand the attack surface, the attack vectors, the attack scenarios, and the impact and likelihood of the attacks. Threat modeling can also help the designer to develop mitigation strategies for the potential vulnerabilities, such as applying security controls, implementing security best practices, or redesigning the system or the application. Threat modeling can be performed at any stage of the system development life cycle (SDLC), but it is most effective when done early and iteratively.

Topics

#threat modeling#vulnerability assessment#security design#mitigation strategies

Community Discussion

No community discussion yet for this question.

Full CISSP Practice