What is the purpose of the Security-Usability threat model? (Select all that apply)
A) Understand how an attacker may exploit the system by compromising the security control of the system.
B) Understand how legitimate users may end up creating system vulnerabilities.
C) Understand how a valid user may be motivated to unknowingly adopt threat scenarios leading to system exploitation.
D) Understand how the usage scenario and the desired security practice conflicts with the expected user behavior.