3.3 Goals and Principles - Design Principles for Secure Systems Flashcards

1
Q

What does the principle “Economy of Mechanism” mean?

A

Keep the design as simple and small as possible.

2
Q

What does the principle “Fail-safe defaults” mean?

A

Base access decisions on permission rather than exclusion.

3
Q

What does the principle “Complete mediation” mean?

A

Every access to every object must be checked for authority.

4
Q

What does the principle “Open design” mean?

A

The design should not be secret.

5
Q

What does the principle “Separation of privilege” mean and include?

A

Where feasible, a protection mechanism that requires two keys to unlock it is more robust and flexible than one that allows access to the presenter of only a single key.

Avoid highly privileged accounts like root/administrator that are attractive targets for attacks.

6
Q

What does the principle “Least privilege” mean?

A

Every program and every user of the system should operate using the least set of privileges necessary to complete the job.

7
Q

What does the principle “Least common mechanism” mean and include?

A

Minimize the amount of mechanism common to more than one user and depended on by all users.

Reduce amount of privileged code in libraries that needs to be reviewed.

8
Q

What does the principle “Psychological acceptability” mean?

A

It is essential that the human interface be designed for ease of use, so that users routinely and automatically apply the protection mechanisms correctly.

9
Q

What does the principle “Work factor” mean and include?

A

Compare the cost of circumventing the mechanism with the resources of a potential attacker.

Increase the costs to find and exploit software vulnerabilities (costs = training, skills, tools, computation, hardware).

10
Q

What does the principle “Compromise recording” mean and include?

A

It is sometimes suggested that mechanisms that reliably record that a compromise of information has occurred can be used in place of more elaborate mechanisms that completely prevent loss.

Enable logging and (automatically) analyse logs to detect attacks.

11
Q

Name the 8 basic design principles by Saltzer/Schroeder.

A
  • Economy of mechanism
  • Fail-safe defaults
  • Complete mediation
  • Open design
  • Separation of privilege
  • Least privilege
  • Least common mechanism
  • Psychological acceptability
12
Q

What are the additional two mechanisms which expand Saltzer/Schroeder?

A
  • Work factor
  • Compromise recording
