Threat Modeling Fundamentals Questions
Demonstrate the ability to identify, analyze, and prioritize threats to systems and architectures. Core skills include mapping attack surfaces, enumerating threat actors and their capabilities, applying threat modeling frameworks and methodologies, assessing likelihood and impact, and proposing mitigations and design changes to reduce risk. Candidates should be familiar with common classes of threats and trade offs when selecting defenses.
MediumTechnical
70 practiced
Design a validation plan that uses penetration testing and red-team exercises to test a completed threat model for a public-facing REST API. Define scope, hypotheses derived from the threat model to be tested, success criteria for the tests, and how test findings will map back into the threat model and remediation workflow.
MediumTechnical
68 practiced
Describe the fields and structure of a risk register produced from threat modeling outputs for a mid-sized SaaS product. Explain how items are triaged, assigned to owners, tracked through to mitigation, and how SLA-like expectations (e.g., time-to-remediate) are set with product teams.
HardTechnical
57 practiced
You've implemented mitigations for the top ten risks from a threat model. Explain how you would quantify residual risk, create executive-level metrics (for example: 'mean time to detection', 'percent of critical services with mitigations implemented', 'expected monetary loss reduction'), and justify acceptance or further investment to business stakeholders with supporting data and confidence intervals.
HardTechnical
73 practiced
Model an advanced persistent threat (APT) that targets your CI/CD pipeline to insert a backdoor into a signed release artifact. Describe probable attack steps (credential theft, compromised build agents, tampering with build scripts, signing key compromise), the TTPs you expect, controls that would detect or prevent each step, and an incident containment and recovery plan that restores trust in the build system.
HardTechnical
59 practiced
Given this architecture description, identify hidden trust boundary misconfigurations and propose design changes:- Mobile app (public) communicates with an API Gateway (public L7) → routes to API service running in the same VPC as the database- API service connects directly to Database on port 5432 with a single shared DB credential- Admin UI deployed in the same cluster as the API uses the same DB credentials and exposes an admin route on a public load balancer- CI system can run arbitrary scripts that have network access to the clusterList at least five issues, explain the associated risks, and propose fixes prioritized by impact and effort.
Unlock Full Question Bank
Get access to hundreds of Threat Modeling Fundamentals interview questions and detailed answers.
Sign in to ContinueJoin thousands of developers preparing for their dream job.