Certified Incident Handler (CIH) Practice Ecam

Disable ads (and more) with a membership for a one time $2.99 payment

Prepare for the Certified Incident Handler (CIH) Exam. Enhance your knowledge with interactive quizzes and detailed insights into cyber incident handling. Boost your exam readiness with our expert-designed questions!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!

Practice this question and more.

Which step in the threat modeling process involves determining the trust boundaries and data flows?

Identify vulnerabilities
Identify threats
Decompose the application
Application overview

The correct answer is: Decompose the application

The correct choice focuses on the step known as "Decompose the application," which is pivotal in the threat modeling process. During this stage, practitioners break down the application into its core components to understand how data interacts within the system. In decomposing the application, it's essential to identify trust boundaries, which are the points within the system where data can be trusted or must be validated. This helps determine what parts of the application are more secure and which face a higher risk of exposure to threats. Understanding data flows is also critical; it outlines how data moves between components, highlighting potential vulnerabilities and areas where sensitive information may be at risk if proper security measures are not in place. Trust boundaries and data flows are not as explicitly characterized in the steps of identifying vulnerabilities, threats, or gaining an overview of the application. These steps tend to follow after the decomposition and primarily focus on assessing risks rather than mapping out the architecture and interactions of components. Hence, the decomposition of the application serves as a foundation for later analysis and risk assessments, making it an essential step in effective threat modeling.