Assignment - Threat Modeling

SUBJECT: Security Architecture & Design

To enhance the security of information systems, enterprises are developing and adopting information system management systems. However, if an information management system is exploited, applications and the data they contain will be compromised. Therefore, it is important to perform comprehensive threat modeling throughout the enterprise.

In your own words explain (a) what is threat modeling, and (b) why it is important for an enterprise to address threat modeling extensively. Please state your answer in a 2 page paper in APA format.  Include citations and sources in APA style.

"No plagiarism"

Learning Materials and References (Prof posted in course syllabus)

Required Resources

Shostack, Adam. Threat Modeling: Designing for Security, Indianapolis, IN: Wiley, 2014

Recommended Resources

Please use the following author’s names, book/article titles, Web sites, and/or keywords to search for supplementary information to augment your learning in this subject.

Tony UcedaVelez and Marco M. Morana

Rick Centric Threat Modeling: Process for Attack Simulation and Threat Analysis

Grading Criteria Assignments                                             Maximum Points

1. Meets or exceeds established assignment criteria                                                                                 40
2. Demonstrates an understanding of lesson concepts                                                                              20
3. Clearly presents well-reasoned ideas and concepts                                                                               30
4. Uses proper mechanics, punctuation, sentence structure, spelling and APA structure                          10                                        

Total                                                                                                     100