Certified Application Security Engineer – Java (CASE-Java) — Question 5

Which of the risk assessment model is used to rate the threats-based risk to the application during threat modeling process?

Answer options

• A. DREAD
• B. SMART
• C. STRIDE
• D. RED

Correct answer: A

Explanation

The correct answer is A, DREAD, which specifically assesses and rates risks based on the potential impact of threats. Options B (SMART), C (STRIDE), and D (RED) are not primarily focused on rating threats in the context of threat modeling, making them incorrect choices for this specific question.