Chapter 2: Security Principles Flashcards
Security Principle 1
Given enough time, tools, skills, and inclination, a malicious person can break through any security measure.
Security Principle 2
The Three Security Goals are: Confidentiality, Integrity, and Availability.
Security Principle 3
Defense in Depth as a Strategy
Security Principle 4
When left on their own, people tend to make the worst security decisions
Security Principle 5
Security Depends on Two Types of Requirements: Functional and Assurance
Security Principle 6
Security Through Obscurity is Not an Answer
Security Principle 7
Security = Risk Management
Security Principle 8
The Three Types of Controls are: Preventative, Detective, and Responsive
Security Principle 9
Complexity is the Enemy of Security
Security Principle 10
Fear, Uncertainty, and Doubt Do Not Work in Selling Security
Security Principle 11
People, Process, and Technology are All Needed to Adequately Secure a System or Facility
Security Principle 12
Open Disclosure of Vulnerabilities is Good for Security
B-Rate Safe
Any box with a lock on it; no testing required.
C-Rate Safe
Steel box with 1 inch thick door and a lock; no testing required.
UL TL-15 Safe
1 inch thick steel, and 15 minutes of concerted net working test time with tools