Читать книгу The Official (ISC)2 CISSP CBK Reference - Leslie Fife, Aaron Kraus - Страница 156

DREAD is an older threat modeling technique, previously used by Microsoft but later abandoned. DREAD provides a mnemonic for quantitative risk rating security threats using five categories:

 Damage

 Reproducibility

 Exploitability

 Affected users

 Discoverability

Though it is sparsely used today, you should be familiar with the DREAD mnemonic and the categories that it represents.