IMPLEMENTATION OF CLOUD PLAN

 

IMPLEMENTATION OF CLOUD PLAN

Threat modeling gets considered as an activity for evaluation and identification vulnerabilities and threat applications. A threat modeling can het identified through a question-driven approach that designs a problem in the early stage in the process of implementation. The question-driven approach allows one to create a threat that is basic to the scenario of the application. The second approach is threat modeling, where there are addresses and identification of vulnerabilities. The identified attacks and threats help to find out the weakness of the applications. The following plan should get kept in mind when using the module. First is that you should not get blocked during the implementation. In case you get stuck, you must go forward to identify the threat of blockage. The main objective here is that security design should get improved. Secondly, modeling activity gets determined by the use of scenarios. Here the scenes are identified, which are out of the scope so that they help in reducing modeling threat activity.

Thirdly are the existing design documents should get used. Items that get used include flow diagrams of data, stories of the users, and diagram architecture you still have them. Fourthly is to that a whiteboard should start. It is considered as easy to start with the whiteboard before the information gets captured in the documents. Techniques here to get used are digital cameras or whiteboards that can print and also able to distribute the data from the whiteboard. The implementation plan should contain an iterative approach to the threat model. Here evolvement of the threat model and more details get added so that there is continuity in development and design. The risk gets reduced by the use of ongoing modeling. .

.For example, in the design process, you only use primary cases, deployment topology in the initial stage, and idea on layering the application. One can get familiarized with the use of the iterative approach. Revisiting the model is necessary when you want to decisions as there is the introduction of a different level of risk. Template gets used, and there is a need for a review of the application approaches. The template here includes the criteria of exit, and each step gets described on how to go about it in operation. Point seven is that there is an adaption of the activity in the situation that is existing. When one is not familiar with the threat, then it is necessary to read the document later that reads the work-through companion. The work-through creates a web application threat model to become accessible and familiar with the approach used. When there is an application that exists, then identification vulnerability approach gets used. The information here will determine where you should focus the efforts. Lastly is that the input should get obtained about its host and system, and network constraints should get obtained from the administrators.

It is necessary to have information on the host configuration, protocols, and the firewall policies for an understanding deployment scenario. The data get obtained through communication with the network and system administrators. Implementation should also contain the iterative threat modeling process. Here the first step is that the objective of the security should get identified so that there is effort determination to spend on each level. The application overview to get created that will enable us to identify the threats in step four. Thirdly decompose the application in a way that you can understand the mechanics in the claims. Following the app will make it easy to uncover threats that have more details. Identification of the danger that is relevant to the application and the context in question get done. Finally, vulnerabilities get identified. Application layers should get recognized, and also a weakness that is related to the threat gets identified.

 

 

 

 

References