课程详情
In the 21st century, no one doubts the importance of cybersecurity. Threat modeling is where it starts. Threat modeling is a framework for thinking about what can go wrong, and the foundation for everything a security professional does. This training course provides an overview of the traditional four-question framework for (1) defining what you're working on, (2) discovering what can go wrong, (3) deciding what to do about it, and (4) ensuring you've done the right things in the right ways for the systems you're delivering. Instructor Adam Shostack also reviews the STRIDE model for identifying six types of threats: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. Using a simple case study—a billing system for a media server that serves ads—Adam shows how to apply the principles and find security and privacy problems so the developer can include appropriate configurations and controls as part of the operational design and rollout.
您将获得的技能
获取证书,展示成果
分享学到的内容,成为理想行业的达人,获取证书,展示您在课程中所学的知识。
-
在领英档案中的“资格认证”版块下展示
-
下载或打印为 PDF,与他人分享
-
以图片形式在线分享,展现您的技能
了解讲师
学员评价
-
-
-
RAZVAN RADULESCU
RAZVAN RADULESCU
Experienced Project Manager Specializing in Cybersecurity - Identity and Access Management and as well Engineering.
内容
课程内容
- 知识测验 3 个测验
- 随时随地学习 可在平板电脑和手机上访问
相似课程
下载课程
使用 iOS 或安卓版领英学习 APP,即可在移动设备上离线观看课程。