LOGBOOK

HELP

Quiz Entry - updated: 2026.07.14

How does a Misuse Case relate to a regular Use Case in a diagram?

A dashed arrow labelled "threatens" runs FROM the Misuse Case TO the use case it endangers — the attacker drives the MUC, the MUC threatens the UC.

The arrow always points from the dark (attack) oval into the white (legitimate) one it puts at risk:

User -----> [Use Case] <----threatens---- [Misuse Case] <----- Attacker
             (white)                         (black)

The three relationships, all pointing from the MUC outward:

Relationship From To Meaning
threatens Misuse Case Use Case The MUC endangers this UC (puts its security at risk)
exploits Misuse Case Use Case The MUC abuses this specific UC as its way in
mitigates Mitigation Case Misuse Case A control that cancels the MUC

threatens vs exploits — the subtle bit: an attack often exploits the UC that is its entry point but threatens a different UC that suffers the damage. In a login attack, an injection exploits "Enter username" (where the bad input goes in) yet threatens "Use system" (the protected functionality it ultimately compromises).

From Quiz: SPRG / Security Review | Updated: Jul 14, 2026