CompTIA CySA+ (CS0-003) — Question 132
Which of the following threat-modeling procedures is in the OWASP Web Security Testing Guide?
Answer options
- A. Review of security requirements
- B. Compliance checks
- C. Decomposing the application
- D. Security by design
Correct answer: C
Explanation
The correct answer is C, as decomposing the application is a key aspect of threat modeling that helps identify vulnerabilities. The other options, while related to security, do not specifically pertain to threat modeling procedures outlined in the OWASP Web Security Testing Guide.