10 questions · need 7/10 to pass.
Q1.When applying "From threat to control" in practice, which of these holds?
single
Q2.Which statement about how "Bug bounty vs pentest vs internal review" actually works is correct?
single
Q3.Which of these correctly identifies the role of "The defender's mindset" in the broader system?
single
Q4.Which fact about "MITRE ATT&CK for web" matches the mechanism the module covered?
single
Q5."OWASP Top 10 — orientation" — which of these claims is supported by the module?
single
Q6.Which statement about how "The defender's mindset" actually works is correct?
single
Q7.Which definition of "STRIDE — a vocabulary for threats" matches what the module established?
single
Q8.When applying "Attack trees" in practice, which of these holds?
single
Q9.For "STRIDE — a vocabulary for threats", which detail or constraint from the module is accurate?
single
Q10.For "Building a real threat model", which detail or constraint from the module is accurate?
single