Certified Information Systems Security Professional (CISSP) — Question 353

What testing technique enables the designer to develop mitigation strategies for potential vulnerabilities?

Answer options

• A. Source code review
• B. Threat modeling
• C. Penetration testing
• D. Manual inspections and reviews

Correct answer: B

Explanation

The correct answer is B, Threat modeling, as it helps identify potential vulnerabilities and develop strategies to mitigate them. The other options, while useful in security assessments, do not primarily focus on understanding and mitigating vulnerabilities in the design phase.