
CSSLP · Question #212

CSSLP Question #212: Real Exam Question with Answer & Explanation

The correct answer is B: Economy of mechanism.

Secure Software Architecture and Design

Question

Which of the following security design principles supports comprehensive and simple design and implementation of protection mechanisms, so that an unintended access path does not exist or can be readily identified and eliminated?

Options

  • A. Least privilege
  • B. Economy of mechanism
  • C. Psychological acceptability
  • D. Separation of duties

Explanation

The security design principle of economy of mechanism advocates for simple, small, and comprehensible security designs to minimize potential vulnerabilities and unintended access paths.

Common mistakes.

  • A. Least privilege states that a user or process should be granted only the minimum necessary permissions to perform its function, focusing on access rights rather than design complexity.
  • C. Psychological acceptability refers to the ease of use and acceptance of security mechanisms by users, ensuring they do not hinder productivity, rather than the simplicity of the underlying design.
  • D. Separation of duties requires dividing critical tasks among multiple individuals to prevent fraud or error, focusing on administrative controls rather than the technical design simplicity of protection mechanisms.

Concept tested. Security design principles

Reference. https://learn.microsoft.com/en-us/security/benchmark/azure/security-controls-v3-design-architecture#da-2-implement-security-principles

Topics

#Security Design Principles · #Economy of Mechanism · #Secure Design · #Vulnerability Reduction
