FREE ISSAP Security Design Principles Questions and Answers
Which of the following is the primary goal of security design principles?
Security design principles aim to minimize system vulnerabilities, safeguard data, and mitigate risks to ensure confidentiality, integrity, and availability.
What is the principle of "least privilege" in security design?
The principle of least privilege ensures users or processes have only the permissions required to perform their tasks, reducing the risk of accidental or intentional misuse.
Which security design principle involves dividing a system into smaller parts to reduce overall risk?
Separation of duties prevents a single individual or process from having enough access or control to compromise the system, thereby reducing risk.
The concept of "defense in depth" relies on which of the following?
Defense in depth employs multiple layers of security to protect against potential threats, ensuring that if one layer fails, others can provide protection.
What does the principle of "fail-safe defaults" emphasize?
Fail-safe defaults ensure that when a system fails, it does so in a way that restricts access, preventing unauthorized use during outages.