Podcast
Questions and Answers
What does the principle of separation of privilege suggest?
What does the principle of separation of privilege suggest?
- Security mechanisms should be compared with the resources of an attacker during design.
- Users should have separate channels to access resources to prevent security problems. (correct)
- Intrusions should be recorded rather than adopting sophisticated prevention measures.
- Security settings should adhere to what an ordinary user might expect.
What principle states that every access to a resource must be checked for compliance with a protection scheme?
What principle states that every access to a resource must be checked for compliance with a protection scheme?
- Complete mediation (correct)
- Work factor
- Least privilege
- Psychological acceptability
According to the principle of least privilege, a system protecting military secrets should have what type of security measures?
According to the principle of least privilege, a system protecting military secrets should have what type of security measures?
- Ease of circumventing security mechanisms.
- Less sophisticated security measures compared to a system protecting student grades. (correct)
- Reinforcing doors and windows against physical attacks.
- Sophisticated intrusion recording mechanisms.
Which principle suggests that a system should require users to sign on again after a certain period of time to enhance security?
Which principle suggests that a system should require users to sign on again after a certain period of time to enhance security?
What is the main concept behind the principle of least common mechanism?
What is the main concept behind the principle of least common mechanism?
Which principle advocates that the security architecture and design of a system should be publicly available?
Which principle advocates that the security architecture and design of a system should be publicly available?
How is the work factor principle related to the design of security schemes?
How is the work factor principle related to the design of security schemes?
Which security principle stresses simplicity in the design and implementation of security measures?
Which security principle stresses simplicity in the design and implementation of security measures?
What does the principle of psychological acceptability emphasize in user interfaces?
What does the principle of psychological acceptability emphasize in user interfaces?
Which concept states that performance improvement techniques should not save the results of previous authorization checks?
Which concept states that performance improvement techniques should not save the results of previous authorization checks?
Which system would likely require more sophisticated security measures: one protecting student grades or one protecting military secrets?
Which system would likely require more sophisticated security measures: one protecting student grades or one protecting military secrets?
Which principle allows for the scrutiny of a system by multiple parties?
Which principle allows for the scrutiny of a system by multiple parties?
Which principle emphasizes that security should rely on keeping cryptographic keys secret?
Which principle emphasizes that security should rely on keeping cryptographic keys secret?
Which security principle states that the default configuration of a system should have a conservative protection scheme?
Which security principle states that the default configuration of a system should have a conservative protection scheme?
In security, which principle involves integrating multiple data sources to determine the source of specific information?
In security, which principle involves integrating multiple data sources to determine the source of specific information?
Which security principle emphasizes limiting users' access rights to only what is necessary for their tasks?
Which security principle emphasizes limiting users' access rights to only what is necessary for their tasks?
Which security principle focuses on ensuring that system designs are comprehensible by developers and users?
Which security principle focuses on ensuring that system designs are comprehensible by developers and users?
Which security principle relates to the efficiency in the development and verification of enforcement methods?
Which security principle relates to the efficiency in the development and verification of enforcement methods?
Flashcards are hidden until you start studying
