Lizzy, an analyst, wants to recognize the level of risks to the organization so as to plan
countermeasures against cyber attacks. She used a threat modelling methodology where she
performed the following stages:
Stage 1: Build asset-based threat profiles
Stage 2: Identify infrastructure vulnerabilities
Stage 3: Develop security strategy and plans
Which of the following threat modelling methodologies was used by Lizzy in the aforementioned
scenario?
C
Correct answer.
Module 5 p602