Chapter 2: Security Principles

Question 1

Security Principle 1

Answer 1

Given enough time, tools, skills, and inclination, a malicious person can break through any security measure.

Question 2

Security Principle 2

Answer 2

The Three Security Goals are: Confidentiality, Integrity, and Availability.

Question 3

Security Principle 3

Answer 3

Defense in Depth as a Strategy

Question 4

Security Principle 4

Answer 4

When left on their own, people tend to make the worst security decisions

Question 5

Security Principle 5

Answer 5

Security Depends on Two Types of Requirements: Functional and Assurance

Question 6

Security Principle 6

Answer 6

Security Through Obscurity is Not an Answer

Question 7

Security Principle 7

Answer 7

Security = Risk Management

Question 8

Security Principle 8

Answer 8

The Three Types of Controls are: Preventative, Detective, and Responsive

Question 9

Security Principle 9

Answer 9

Complexity is the Enemy of Security

Question 10

Security Principle 10

Answer 10

Fear, Uncertainty, and Doubt Do Not Work in Selling Security

Question 11

Security Principle 11

Answer 11

People, Process, and Technology are All Needed to Adequately Secure a System or Facility

Question 12

Security Principle 12

Answer 12

Open Disclosure of Vulnerabilities is Good for Security

Question 13

B-Rate Safe

Answer 13

Any box with a lock on it; no testing required.

Question 14

C-Rate Safe

Answer 14

Steel box with 1 inch thick door and a lock; no testing required.

Question 15

UL TL-15 Safe

Answer 15

1 inch thick steel, and 15 minutes of concerted net working test time with tools

Question 16

UL TL-30 Safe

Answer 16

1 inch thick steel and 30 minutes of concerted net working test time with additional tools.