Quiz Entry - updated: 2026.07.14
How can Attack Trees be used to identify and prioritize countermeasures?
Attach a countermeasure to each attack path, cost it out, then prioritise the ones that block the most (or cheapest) paths.
Countermeasures in Attack Trees:
- Shown as green boxes that block attack paths
- Dotted lines = attack paths that are blocked by countermeasures
Example - "Guess Password" tree:
| Attack Path | Countermeasure |
|---|---|
| Attempt logins | Throttle login attempts |
| Steal database from website | (needs mitigation) |
| Compute hashes | Use expensive hash algorithm |
| Overall | Use strong passwords |
Process:
- Build the attack tree
- Identify countermeasures for each path
- Cost-benefit analysis of implementing each countermeasure
- Prioritize based on which countermeasures block the most/cheapest attack paths