Security Principles

Question 1

Describe this security principle:

Know Your Threat Model

Answer 1

Know what you’re protecting and from whom

Question 2

What does the Know Your Threat Model include?

Answer 2

• Assumptions
• Most critical relevant threats
• Specified actions and steps

Question 3

When should the Know Your Threat Model be performed?

Answer 3

Before and after deployment

Question 4

Describe this security principle:

Economy of Security Mechansim

Answer 4

Make it so that the reward is not worth the effort for the attacker

Question 5

What is the trade off for the defender with the Economy of Security Mechanism?

Answer 5

Cost and level of security

Question 6

Describe this security principle:

Open Design

Answer 6

Protect the key > secret design

Question 7

What two principles go in hand with Open Design?

Answer 7

Kerckhoff’s Principle and Shannon’s Maxim

Question 8

Describe

Kerckhoff’s Principle

Answer 8

The system should still be secure even if everything about it is public except for the key

Question 9

Describe

Shannon’s Maxim

Answer 9

The enemy will know the system

Question 10

Describe this security principle:

Fail-Safe Defaults

Answer 10

Have access based on explicit permission instead of exclusion

Question 11

Why are conditional requirements not included in Fail-Safe Defaults?

Answer 11

Risky, limited scope, could produce false negative/positive results

Question 12

Describe this security principle:

Least Privilege

Answer 12

Granting minimal access using compartmentalization and isolation

Question 13

Define

Compartmentalization

Answer 13

Division into separate components so that each has their own data and resources

Question 14

Define

Isolation

Answer 14

Separation for independent functions

Question 15

Why are compartmentalization and isolation necessary in security defenses?

Answer 15

Contains the threats to 1 spot and minimized lateral movement between functions

Question 16

Describe this security principle: Architecture Design

Name the two architectural designs

Answer 16

Monolithic and Component

Question 17

Define

Monolithic Architecture Design

Answer 17

The system/entity is 1 tight unit with the same processes and runtime

Question 18

Define

Component Architecture Design

Answer 18

Multiple separate entities

Question 19

Pros of Monolithic Design

Answer 19

Simplier and easier to develop, increased performance (more efficient)

Question 20

Cons of Monolithic Design

Answer 20

Not scalable, inflexible, difficult to maintain if the system is too large

Question 21

Pros of Component Design

Answer 21

Modularity, easy maintanence, flexible, scalable

Question 22

Cons of Component Design

Answer 22

Complex with significant overhead involved

Question 23

When is it best to use either Monolithic or Component architecture designs?

Answer 23

Monolithic: smaller projects
Component: larger projects

Question 24

Describe this security principle:

Complete Mediation

Answer 24

Every access to every resource is checked which is reinforced by the reference monitor

Question 25

Criteria of a reference monitor

Answer 25

• Unbypassable
• Temper-proof
• Verifiable

Question 26

Describe this security principle:

Separation of Privilege

Answer 26

Dsitribution of function across multiple entities

Question 27

Describe this security principle:

Defense in Depth

Answer 27

Multiple security measures that uses 2 of:
* Something the user knows
* Something the user has
* Something the user is

Question 28

Provide an example for each of the criterias of the Defense in Depth:
* Something the user knows
* Something the user has
* Something the user is

Answer 28

Something the user knows: a password, code
Something the user has: phone
Something the user is: face/fingerprint

Question 29

When dealing with human factors, what is one solution to complex password requirements?

Answer 29

A password manager that will store complex passwords but the user only has to remember one password to access the manager

Question 30

Define

Psychological acceptability

Answer 30

Is it reasonable, understandable, and acceptable?

Question 31

What should you be resilient to when thinking about security principles?

Answer 31

Variations in human behavior

Question 32

What should you not overly rely on when thinking about security principles?

Answer 32

Don’t overly rely on assumptions

Question 33

What should you address when thinking about security?

Answer 33

The weakest link

Question 34

List all of the Security Principles

Answer 34

• Know Your Threat Model
• Economy of Security Mechanism
• Open Design
• Fail-Safe Defaults
• Least Privilege
• Separation of Privilege
• Defense in Depth
• Complete Mediation