Week4 quiz
Why is waiting to think about security until after the software is built a bad idea?
You might make critical mistakes in the software’s design
Fixing problems once the software is built is more difficult and more expensive
You might miss important security requirements that necessitate a re-design
*All of the above
1 point
2.Question 2
What is an abuse case?
An official report made by MITRE Corp that describes a discovered software vulnerability and possible abuse of it
A scenario that illustrates a system’s functional requirements
*A scenario that illustrates a potential failure in security under relevant circumstances
An example of a heated disagreement between the security team and the development team
1 point
3.Question 3
Which of the following is a reason to make an explicit threat model when designing a system?
So that you avoid an incoherent defense
So you can defend against the most likely/costly/important attacks
So you can explicitly list and challenge assumptions that underlie your design
*All of the above
1 point
4.Question 4
Suppose you design software for a bank and the bank’s customers may remotely log into its site using commodity PCs. These PCs might have malware on them, which could log keystrokes or read files stored on the machine. Which threat model (using terms defined in the lectures) makes the most sense for you to consider, when desi