Introduction To Secure Design Flashcards
(7 cards)
What is modularity?
Breaking a program into single modules makes code easier to manage, test, and update
It also limits the impact of bugs or security flaws
Example when using Django for Modularity
Apps such as user, payment, and order are separated into Django modules; for example, a vulnerability in payment doesn't affect user or orders
What is Encapsulation?
Encapsulation is the practice of hiding internal data and logic, exposing only what’s necessary.
✅ Prevents direct access to sensitive parts of the code
✅ Protects from accidental misuse or malicious exploitation
Encapsulation when using Django
Using private functions or internal classes in views/models
Only exposing APIs or URLs needed by the frontend, keeping others inaccessible
Modularity for Security in Django
Encourages separation of concerns
You can apply security controls per module (e.g. only authenticated users access the admin app)
Easier to test and patch vulnerabilities without breaking the whole project
Encapsulation for Security in Django
Sensitive logic (e.g. password hashing) is hidden in secure modules
Form validation and CSRF tokens are encapsulated in Django’s forms system
Prevents frontend users from seeing or manipulating backend logic
Why use both modularity and encapsulation?
Reduce the chance of accidental security breaches
Limit the scope of an attack if a vulnerability is found
Help maintain clean, secure, and scalable code