- Threat modeling is only related to developers. QAs, architects, or operation teams don't need to get involved. True or false?
- Which of the following modules should apply threat modeling?
- Legacy modules
- Modules with external interaction with third-party vendors
- Modules that handle personal information
- All of the above
- Which of the following is a security mitigation for Repudiation?
- Hash
- Authentication logging
- Load balance
- Encryption
- Which one of the following is not mainly used for threat library references?
- CAPE
- ATTCK
- SeaSponge
- CWE
- Which one of the following is not related to the authentication security framework?
- Shiro
- Spring Security
- VisualCaptcha
- Java Commons Validator