Certified Information Systems Security Professional – CISSP – Question291

Which of the following is the MOST important output from a mobile application threat modeling exercise according to Open Web Application Security Project (OWASP)?

A.
The likelihood and impact of a vulnerability
B. Application interface entry and endpoints
C. Countermeasures and mitigations for vulnerabilities
D. A data flow diagram for the application and attack surface analysis

Correct Answer: D