
PT0-003 · Question #51

PT0-003 Question #51: Real Exam Question with Answer & Explanation

The correct answer is D: DREAD.

Submitted by andreas_gr · Mar 6, 2026 · Vulnerability Discovery and Analysis

Question

A penetration tester needs to help create a threat model of a custom application. Which of the following is the most likely framework the tester will use?

Options

  • A. MITRE ATT&CK
  • B. OSSTMM
  • C. CI/CD
  • D. DREAD

Explanation

The DREAD model is a risk assessment framework used to evaluate and prioritize the security risks of an application. It stands for Damage potential, Reproducibility, Exploitability, Affected users, and Discoverability.

Topics

#threat modeling #DREAD #risk assessment
