New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft SC-100 Exam - Topic 10 Question 33 Discussion

Actual exam question for Microsoft's SC-100 exam
Question #: 33
Topic #: 10
[All SC-100 Questions]

Your company plans to follow DevSecOps best practices of the Microsoft Cloud Adoption Framework for Azure.

You need to perform threat modeling by using a top-down approach based on the Microsoft Cloud Adoption Framework for Azure.

What should you use to start the threat modeling process?

Show Suggested Answer Hide Answer
Suggested Answer: A, D

by Jerry at Dec 22, 2023, 05:12 PM

Limited Time Offer

25%

Off

Get Premium SC-100 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Rene
3 months ago
STRIDE? Really? I’ve heard mixed reviews about its effectiveness lately.
upvoted 0 times
...
Marquetta
3 months ago
Wait, are we really going with STRIDE? I thought DREAD was more popular now.
upvoted 0 times
...
Alyssa
4 months ago
OWASP threat modeling is great, but not sure if it's top-down enough.
upvoted 0 times
...
Rosamond
4 months ago
I think DREAD could work too, but STRIDE is more comprehensive.
upvoted 0 times
...
Frederica
4 months ago
Definitely the STRIDE model! It's a classic for threat modeling.
upvoted 0 times
...
Micheline
4 months ago
I practiced a similar question, and I think STRIDE is definitely the right choice for identifying threats systematically.
upvoted 0 times
...
Evangelina
4 months ago
OWASP threat modeling sounds familiar, but I feel like it might not align perfectly with the top-down approach we're supposed to use here.
upvoted 0 times
...
Gearldine
4 months ago
I'm not entirely sure, but I remember DREAD being more about risk assessment rather than initial threat modeling.
upvoted 0 times
...
Fausto
5 months ago
I think we might need to start with the STRIDE model since it focuses on identifying threats based on different categories.
upvoted 0 times
...
Ryann
5 months ago
I'm a little confused by the wording of this question. It's asking about a "top-down approach" for threat modeling, but the answer choices don't seem to directly address that. I'll need to think carefully about how the Microsoft Cloud Adoption Framework recommends starting the threat modeling process.
upvoted 0 times
...
Natalie
5 months ago
Okay, I've got this. The question is asking about the best way to start the threat modeling process, and since it's specifically mentioning the Microsoft Cloud Adoption Framework, I believe the answer is the STRIDE model, which is a common threat modeling approach used in that framework.
upvoted 0 times
...
Rasheeda
5 months ago
Hmm, I'm a bit unsure about this one. The question mentions threat modeling, but it's not clear which specific approach I should use. I'll need to review the details of the Microsoft Cloud Adoption Framework to make sure I understand the right starting point.
upvoted 0 times
...
Kara
5 months ago
This question seems straightforward. The Microsoft Cloud Adoption Framework for Azure is mentioned, so I think the answer is likely related to that framework.
upvoted 0 times
...
Jolanda
5 months ago
I've used the Alert component before for validation, so I'm confident that's one of the right answers. The Messaging component is a bit more of a wild card, but I'll give it a shot.
upvoted 0 times
...
Wilda
5 months ago
Okay, let me see. Parametric estimating uses historical data and project parameters to estimate things like cost and duration. That sounds like it could be the right answer here. I'll go with that.
upvoted 0 times
...
Audria
5 months ago
I'm a little confused by all the different statin options and dosages. I'll need to carefully read through the answer choices to make sure I select the right one.
upvoted 0 times
...
Candra
10 months ago
I'm going with the STRIDE model. It's the threat modeling equivalent of a 'Skittles and Mountain Dew' combo - it just works for this kind of thing.
upvoted 0 times
Gladis
8 months ago
User 3: OWASP threat modeling is another good option to consider for a comprehensive approach.
upvoted 0 times
...
Hyun
9 months ago
User 2: I think the DREAD model could also be useful in this situation.
upvoted 0 times
...
Arletta
9 months ago
User 1: I agree, the STRIDE model is a great starting point for threat modeling.
upvoted 0 times
...
...
Milly
10 months ago
I'm just hoping the exam doesn't ask us to threat model a cloud-based app using Tamagotchi as the threat model. That would be a real head-scratcher!
upvoted 0 times
Tracey
9 months ago
C) OWASP threat modeling
upvoted 0 times
...
Rosita
10 months ago
B) the DREAD model
upvoted 0 times
...
Anisha
10 months ago
A) the STRIDE model
upvoted 0 times
...
...
Laurene
10 months ago
I prefer using the OWASP threat modeling approach, as it provides a comprehensive framework for identifying security threats.
upvoted 0 times
...
Lorriane
10 months ago
I agree with Twila, the STRIDE model is a good starting point for threat modeling.
upvoted 0 times
...
Twila
10 months ago
I think we should use the STRIDE model to start the threat modeling process.
upvoted 0 times
...
Magdalene
10 months ago
The DREAD model? Really? I thought that was old news. Let's stick to something more modern and relevant, like the STRIDE model.
upvoted 0 times
Herminia
9 months ago
User 2: Definitely, we should use the STRIDE model for threat modeling.
upvoted 0 times
...
Pearly
9 months ago
User 1: I agree, the DREAD model is outdated.
upvoted 0 times
...
Merilyn
10 months ago
User 2: Yeah, the DREAD model is old news. STRIDE is the way to go.
upvoted 0 times
...
Carmen
10 months ago
User 1: I agree, the STRIDE model is more modern and relevant.
upvoted 0 times
...
...
Oneida
10 months ago
I personally prefer the OWASP threat modeling approach, as it provides a comprehensive framework for identifying security threats.
upvoted 0 times
...
Lawrence
10 months ago
OWASP threat modeling seems like a good option too, but I'm not sure if it's the best fit for this specific scenario. The Microsoft Cloud Adoption Framework is the focus here.
upvoted 0 times
...
Dana
10 months ago
I agree with Crissy, the STRIDE model is a good starting point for threat modeling.
upvoted 0 times
...
Verdell
11 months ago
I think the STRIDE model is the way to go. It's a well-established framework for threat modeling, and it aligns perfectly with the Microsoft Cloud Adoption Framework.
upvoted 0 times
...
Crissy
11 months ago
I think we should use the STRIDE model to start the threat modeling process.
upvoted 0 times
...

Save Cancel