Briefly respond to all the following questions. Make sure to explain

1) Threats are operators that abuse the insurance of data resources and site security approach. Threat investigation recognizes for a particular design, usefulness and setup. Threat investigation may expect a given degree of access and aptitude level that the assailant may have. Threats might be mapped to vulnerabilities to see how the framework might be abused. A relief plan is made out of countermeasures that are viewed as successful against the recognized vulnerabilities that the threats misuse.

The threat driven methodology is a strategy, a lot of practices and a mentality. The basic role of this methodology is to empower associations to allot the proportionate degree of assets to guard their
resources, to build up the innate aptitudes expected to help these endeavors, and to adjust gatherings and groups into useful jobs that will actualize this methodology.
There are no inactive threats they assault. There are two periods of work inside this system: IDDIL is viewed as the disclosure stage and ATC is viewed as the usage stage.
Influence the recorded assault surface, deteriorated framework and essential
use cases to report ways of assault. Catch the segments and territories of usefulness remembered for these ways, including existing security controls and administrations. Notwithstanding the physical or coherent ways, consider numerous strategies for assault using similar pathways.
A threat specialist is a functioning substance inspired to assault our cell phones and exercises. We may recognize threat specialists as explicit associations or people, as Anonymous, or we may characterize them by goals or techniques for activity (MOs).
A lot of goals that a threat operator may have might be political, budgetary, strict, or reflect other individual or network esteems.

A degree of motivation: These demonstrate the kinds of dangers the specialist is eager to take and levels of harm ready to cause in seeking after the goals.
Resources and assets: These show the sorts and measure of exertion the specialist may consume. Exertion might be spent on preparing or gathering information for an assault just as the expenses of the assault itself.
A degree of motivation: these demonstrate the sorts of dangers the operator is eager to take and levels of harm ready to cause in seeking after the goals.

2) In reality, the thread is who or what is harmful if the chance is offered. On their own, they can’t do harm. You just need to leave yourself exposed. Furthermore, while people generally believe that the threats in existence are malevolent, most threats you encounter actually do not affect you. Clearly, generic term for artifacts, individuals posing a possible risk for assets (by attacks).

Threat agent: Specific object, an individual who poses such a danger (by completing an attack).

1) DDoS attacks are a threat.

2) Carries out a DDoS attack then he is a threat agent.

Threat agent’s goals:

Vulnerability Assessments: for the goal of remediation initiatives, they are intended to define as much vulnerability as possible.

Penetration Tests: are designed to determine whether an intruder may or may not obtain particular wishes in his state-of – the-art security stance, like robbing sensitive information or other actions that would benefit the organization. The results show whether or not the targets were accomplished and any other observations made along the way. Penetration checks do not list the vulnerabilities or give priority to what has been found, usually it is certain or not to fulfill the agreed goals.

Risk Assessments: The most important hazards facing a particular organization for the purpose of ensuring the proper placement of the company. These can take a lot of forms, but the findings are constantly identified with the help of guidelines as the goals.

Threat Assessments: the most important hazards facing a particular organization for the purpose of ensuring the proper placement of the company. These can take a lot of forms, but the findings are constantly identified with the help of guidelines as the goals.

White / Grey / Black-container evaluations: measure the amount of statistics that are given to test the health of employees in the process of a review. These can be internal, external, app based, network based, running with or without, etc. The quantity of knowledge exchanged with the checking out group is the best criterion for $SHADE container checks.

Audits: are designed to determine how a particular company performs against a particular general. In general, audits are no longer directly concerned with security, but rather with compliance. The common testing can be strong or weaker in relation to effective protection and must no longer be emphasized by an evaluation of vulnerability or penetration test. The audit performance is a list of areas to be determined in order to comply.

3) Threat Agent is a Method used in breaching the security of a facility, operation, or system by exploiting vulnerability. Threat agent is individuals and/or groups that might have an interest in performing one or more types of attacks against a computing infrastructure. Modern risk assessment techniques recognize that there is a need to perform a threat assessment in order to identify the threats that a system is facing, and the agents that are able to manifest them. Most of them though do not incorporate the process of identifying and analyzing threat agents. Threat agents will be Hackers, crackers, or amateurs depending on their knowledge and attitude about computers.

Hackers: are persons interested in the arcane workings of computing systems. Hackers constantly seek to further and freely distribute knowledge. Hackers will never intentionally disrupt data.

Crackers: are persons who violate the system integrity, with malicious intent. Crackers enjoy this abuse and the temporary power that it gives them.

The threat impact can be on the market share of the company, or even more important the user trust. These impacts cannot be easily assigned a financial value and only speculations can be made for their size. The good fighters of old first put themselves beyond the possibility of defeat, and then waited for an opportunity of defeating the enemy”. Consequently in order for a threat agent to bring its capability to bear against a target he must have the correct conditions to do so, and in order for his capabilities to be effective and have an impact on the target, the target must be vulnerable to attack. Hence, the target must present the threat agent with an opportunity of attack. [Sun Tzu,1999]

The vulnerability assessment considers the potential impact of loss from a successful attack as well as the vulnerability of the facility/location to an attack. Impact of loss is the degree to which the mission of the agency is impaired by a successful attack from the given threat.

According to the reports analyzing the environment of the enterprise threat agents will be more, or less important in the assessment. a threat agent to be able to exploit a vulnerability, three factors must be in place, the capability factor, the motivation factor and the opportunity factor.For calculating the threat agent attributes, there is a need for a three-dimensional matrix (capability, motivation, opportunity).

Your answer looks good. Can you respond these three student answers? 100words min