From the course: CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep

Unlock the full course today

Join today to access over 24,200 courses taught by industry experts.

Identifying threats

Identifying threats

- [Instructor] Organizations face many different kinds of threat, and it's often difficult to keep track of all these threats and identify those that pose the greatest risk. Security professionals use threat modeling techniques to identify and prioritize threats and assist in the implementation of security controls. When identifying potential threats to an organization, security professionals should use a structured approach. Don't just sit down and start thinking of all of the things that could go wrong. It's too easy to leave things out with this type of haphazard approach to threat identification. Instead, conduct a structured walkthrough of the potential threats to information and systems. Let's look at three ways that an organization can use a structured approach to threat identification. First, an organization can use an asset focused approach. In this approach, analysts use the organization's asset inventory as the basis for their analysis and walk through asset by asset…

Contents