Читать книгу The Official (ISC)2 CISSP CBK Reference - Leslie Fife, Aaron Kraus - Страница 156

DREAD

Оглавление

DREAD is an older threat modeling technique, previously used by Microsoft but later abandoned. DREAD provides a mnemonic for quantitative risk rating security threats using five categories:

 Damage

 Reproducibility

 Exploitability

 Affected users

 Discoverability

Though it is sparsely used today, you should be familiar with the DREAD mnemonic and the categories that it represents.

The Official (ISC)2 CISSP CBK Reference

Подняться наверх