ISC2 Certified Cloud Security Professional (CCSP) Practice Question
Your DevSecOps team is beginning design of a multitenant, microservices-based SaaS application that will be deployed across several cloud regions. Management wants a threat-modeling approach that is risk-centric and incorporates iterative attack simulation so that the team can prioritize countermeasures before coding starts. Which threat-modeling methodology best meets these requirements?
STRIDE
DREAD
Process for Attack Simulation and Threat Analysis (PASTA)
Architecture, Threats, Attack Surfaces, and Mitigations (ATASM)
The Process for Attack Simulation and Threat Analysis (PASTA) is a seven-stage, risk-centric threat-modeling methodology. It emphasizes simulating realistic attacker tactics and enumerating business impacts so that mitigation priorities align with risk. STRIDE is a mnemonic for classifying threats, not a full risk-centric process. DREAD is only a scoring model used after threats are identified. ATASM focuses on architecture and attack surfaces but does not include iterative attack simulation. Therefore, PASTA most closely satisfies management's stated needs.
ISC2 Certified Cloud Security Professional (CCSP)
Cloud Application Security