# Threat Modeling (STRIDE, PASTA, Kill Chain)

Backlink: [[Domain 1 - Index]]

**Definition:** Systematic analysis of a system to identify threats, abuse cases, and mitigations early in design and throughout operations.

## Key Facts

- STRIDE: Spoofing, Tampering, Repudiation, Information disclosure, Denial of service, Elevation of privilege.
- PASTA (Process for Attack Simulation and Threat Analysis): risk-centric, seven-stage process running from business objectives through decomposition, threat and vulnerability analysis, and attack modeling to risk/impact analysis and mitigation.
- Kill Chain / MITRE ATT&CK: map adversary phases and techniques to detective and preventive defenses.
- Data-flow diagrams (DFDs) and trust boundaries structure the analysis; flows that cross a boundary deserve the most scrutiny. Iterate as the design and deployment change.
- Prioritize threats by likelihood and impact; record each mitigation with an owner.
- **Verify:** check the official (ISC)² CBK and current exam outline.

>[!tip] **Exam Relevance**
> - Match threats to controls via a STRIDE mapping
> - Choose the modeling approach that fits the context (risk-centric vs. design-centric vs. attacker-centric)

>[!note] **Mnemonic**
> - "STRIDE across Trust boundaries."

### Example

Q: A DFD shows an external entity → API flow across a trust boundary. Which STRIDE concern applies first?

A: Spoofing of the external caller; require strong authentication, and validate input at the boundary to address tampering as well.

## Revision Checklist

- [ ] List the STRIDE categories
- [ ] Explain the roles of DFDs and trust boundaries
- [ ] Name one risk-centric methodology
- [ ] Map one control per STRIDE category

## Related

[[Risk Management Process]] · [[Security Control Types]] · [[Security Program Management (PDCA)]] · [[Security Awareness and Training]] · [[Threat Intelligence Lifecycle and Sources]]

#cissp #domain-1 #concept
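### Worked Example

The Key Facts above describe the ingredients of a STRIDE pass (DFD elements, trust boundaries, a threat-to-control mapping, likelihood/impact ranking, recorded owners) without showing how they fit together. The script below is an added example written for this note; it is not (ISC)² material or Microsoft tooling. It applies Microsoft's STRIDE-per-element table to a constructed three-element DFD (browser → API → user store), raises the likelihood of any threat that sits on a trust-boundary crossing, and emits a prioritized list with one illustrative control and an owner per finding. The impact scores, the control catalog and the sample DFD are all constructed for illustration.

```python
"""STRIDE-per-element enumeration over a small data-flow diagram (DFD).

Added example for this study note, not (ISC)2 or Microsoft code. It combines
the note's ingredients: DFD elements and flows, trust boundaries, the STRIDE
mapping, likelihood x impact prioritization, and a recorded mitigation and
owner per threat. Scores, controls and the sample DFD are constructed.
"""
from dataclasses import dataclass

# Microsoft's STRIDE-per-element table: which categories apply to each
# DFD element type (external interactor, process, data store, data flow).
STRIDE_PER_ELEMENT = {
    "external": "SR",
    "process": "STRIDE",
    "datastore": "TRID",   # R applies to stores that hold logs
    "dataflow": "TID",
}
CATEGORY_NAMES = {
    "S": "Spoofing", "T": "Tampering", "R": "Repudiation",
    "I": "Information disclosure", "D": "Denial of service",
    "E": "Elevation of privilege",
}
# One illustrative control per category (assumption: substitute your own
# control catalog); this is the "map one control per category" exercise.
CONTROL = {
    "S": "strong authentication of the caller",
    "T": "integrity checks and input validation at the boundary",
    "R": "tamper-evident audit logging",
    "I": "encryption in transit/at rest, least-privilege access",
    "D": "rate limiting and resource quotas",
    "E": "authorization checks on every request",
}
# Constructed impact scores (1-5) per category, used only for ranking.
IMPACT = {"S": 5, "E": 5, "T": 4, "I": 4, "D": 3, "R": 2}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str    # external | process | datastore
    zone: str    # trust zone; a flow between different zones crosses a boundary


@dataclass(frozen=True)
class Flow:
    name: str
    src: str
    dst: str


@dataclass(frozen=True)
class Threat:
    target: str
    category: str
    crosses_boundary: bool
    likelihood: int
    impact: int
    mitigation: str
    owner: str

    @property
    def risk(self) -> int:
        return self.likelihood * self.impact


def enumerate_threats(elements, flows, owner="unassigned"):
    """Apply STRIDE-per-element; likelihood 4 on a boundary crossing, else 2."""
    zone = {e.name: e.zone for e in elements}
    crossing = {f.name: zone[f.src] != zone[f.dst] for f in flows}
    # An element is exposed if any flow touching it crosses a trust boundary.
    exposed = {e.name: any(crossing[f.name] and e.name in (f.src, f.dst) for f in flows)
               for e in elements}

    def make(target, cat, crosses):
        return Threat(target, cat, crosses, 4 if crosses else 2, IMPACT[cat],
                      CONTROL[cat], owner)

    threats = [make(e.name, c, exposed[e.name])
               for e in elements for c in STRIDE_PER_ELEMENT[e.kind]]
    threats += [make(f.name, c, crossing[f.name])
                for f in flows for c in STRIDE_PER_ELEMENT["dataflow"]]
    return prioritize(threats)


def prioritize(threats):
    """Highest risk first; ties broken in STRIDE order, then by target name."""
    order = {c: i for i, c in enumerate("STRIDE")}
    return sorted(threats, key=lambda t: (-t.risk, order[t.category], t.target))


# Constructed sample DFD: browser (internet) -> API (dmz) -> users DB (internal).
SAMPLE_ELEMENTS = [
    Element("Browser", "external", "internet"),
    Element("API", "process", "dmz"),
    Element("UsersDB", "datastore", "internal"),
]
SAMPLE_FLOWS = [
    Flow("login request", "Browser", "API"),
    Flow("credential lookup", "API", "UsersDB"),
]

if __name__ == "__main__":
    for t in enumerate_threats(SAMPLE_ELEMENTS, SAMPLE_FLOWS, owner="api-team"):
        flag = "boundary" if t.crosses_boundary else "internal"
        print(f"{t.risk:>2} {t.target:<18} {CATEGORY_NAMES[t.category]:<24} "
              f"[{flag}] -> {t.mitigation} (owner: {t.owner})")
```

Run as a script it prints the ranked list; with the sample DFD the top entry is Spoofing against the API, which is exactly the exam answer above, because the API process sits on the internet → DMZ boundary and the constructed scoring gives Spoofing the highest impact. Swap in your own elements, flows and zones to reproduce the exercise on a real design; the STRIDE-per-element table stays the same, only the scoring and control catalog are yours to replace.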