Certified Incident Handler (CIH) Practice Exam

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!


In threat modeling, which step follows 'Identify security objectives'?

  1. Application overview

  2. Identify vulnerabilities

  3. Identify threats

  4. Decompose the application

The correct answer is: Application overview

In threat modeling, the step that follows 'Identify security objectives' establishes a clear understanding of the application being analyzed: the application overview. To assess security concerns effectively, the analyst needs to understand the application's architectural design, components, data flows, and interactions. A thorough overview shows how the elements of the application are interconnected, which helps pinpoint potential vulnerabilities or threats later in the process. This foundational step lays the groundwork for more detailed assessments and keeps the analysis contextual and relevant to the specific application and its objectives. It supports subsequent activities such as threat identification and vulnerability assessment by providing essential insight into the system's functionality and environment.