In software security, what are widely recognized principles for providing security for computer programs and systems?

Difficulty: Medium

Correct Answer: Applying least privilege, defense in depth, fail safe defaults, complete mediation, and regular updates and patching

Explanation:


Introduction / Context:
Designing secure computer programs is not just about adding encryption or passwords at the last minute. Security must be built on fundamental design principles that guide how permissions, checks, and failure modes are handled. Classic security literature describes several enduring principles that help reduce vulnerabilities and limit damage. This question asks you to recognize a list of such principles rather than unsafe practices or superficial measures.


Given Data / Assumptions:

  • We are discussing general software security guidelines, not a specific programming language.
  • Security failures can stem from design flaws, misconfigurations, or missing checks.
  • Principles such as least privilege and defense in depth apply across many systems.
  • The question asks which option lists recognized security principles.


Concept / Approach:
Least privilege means that programs and users should operate with the minimum set of permissions necessary to perform their tasks, limiting the impact of compromise. Defense in depth refers to layering multiple security controls so that if one fails, others still provide protection. Fail safe defaults (or secure by default) ensure that if something goes wrong or a setting is omitted, the system falls back to a secure state, not an open one. Complete mediation means that every access to a resource is checked, not just the first time, preventing bypass via cached permissions. Regular updates and patching address newly discovered vulnerabilities and keep software protected against known threats. Together, these principles promote robust, resilient security.
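To make fail safe defaults and complete mediation concrete, here is an added example (written for this explanation, not code from the original page): a small authorization gate in which a missing grant denies access and every read is re-checked against the policy, beside a deliberately flawed store that caches its first verdict so a revoked grant keeps working. The subjects, grants and data are constructed.

```python
# Added example, not from the original page: a small authorization gate showing
# fail-safe defaults (no grant -> deny) and complete mediation (every access is
# re-checked, so revocation takes effect at once). Names and data are constructed.

def is_allowed(grants, subject, action, resource):
    # grants: subject -> {(action, resource)}. Fail-safe default: an unknown
    # subject or a missing grant yields False rather than an open door.
    return (action, resource) in grants.get(subject, set())

class MediatedStore:
    # Every read consults the policy afresh: complete mediation
    def __init__(self, grants, data):
        self.grants, self.data = grants, data

    def read(self, subject, key):
        if not is_allowed(self.grants, subject, "read", key):
            raise PermissionError(f"{subject} may not read {key}")
        return self.data[key]

class CachedStore(MediatedStore):
    # Deliberately flawed contrast: the first verdict is cached per (subject, key),
    # so a later revocation is never seen; this is the bypass mediation prevents
    def __init__(self, grants, data):
        super().__init__(grants, data)
        self.cache = {}

    def read(self, subject, key):
        if (subject, key) not in self.cache:
            self.cache[(subject, key)] = is_allowed(self.grants, subject, "read", key)
        if not self.cache[(subject, key)]:
            raise PermissionError(f"{subject} may not read {key}")
        return self.data[key]

def outcome(store, subject, key):
    try:
        store.read(subject, key)
        return "allowed"
    except PermissionError:
        return "denied"

def demo():
    grants = {"alice": {("read", "report")}}  # least privilege: only what she needs
    data = {"report": "q3 numbers", "salaries": "confidential"}
    good, bad = MediatedStore(grants, data), CachedStore(grants, data)
    before = (outcome(good, "alice", "report"), outcome(bad, "alice", "report"),
              outcome(good, "mallory", "report"), outcome(good, "alice", "salaries"))
    grants["alice"].discard(("read", "report"))  # revoke the grant
    return before, (outcome(good, "alice", "report"), outcome(bad, "alice", "report"))
```

Running `demo()` shows the unknown subject and the ungranted resource denied by default, and after revocation the mediated store denies while the cached store still allows.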


Step-by-Step Solution:
Step 1: Identify core security design principles: least privilege, defense in depth, fail safe defaults, complete mediation, and timely patching.
Step 2: Compare the provided options and look for the one that groups these principles or closely related concepts.
Step 3: Eliminate options that advocate risky behavior such as universal admin rights or no updates.
Step 4: Select the option that clearly describes recognized best practices for securing computer programs.


Verification / Alternative check:
Security textbooks and standards such as those from NIST, OWASP, and classic works by Saltzer and Schroeder emphasize least privilege, defense in depth, and secure defaults as key principles. They discourage approaches that grant broad privileges, rely solely on antivirus, or hide code without proper review. Industry checklists for secure coding also highlight input validation, access control, logging, and patch management. This consistency confirms that option A accurately reflects recognized principles for providing security for computer programs.


Why Other Options Are Wrong:
Option B is wrong because giving everyone administrator rights increases risk, and skipping updates leaves known vulnerabilities unpatched. Option C is misleading; obscurity alone does not create security and can hinder legitimate auditing and improvement. Option D is incorrect because antivirus is only one layer and cannot substitute for secure design. Option E describes a system with no logging or access control, which makes detecting attacks and enforcing protections extremely difficult.


Common Pitfalls:
A common pitfall is treating security as an add-on instead of a design requirement, which leads to ad hoc fixes rather than principled controls. Another mistake is relying on a single defense mechanism, such as a firewall, while ignoring internal threats or application-level vulnerabilities. Some developers also underestimate the importance of updates and fail to plan for patch management. By adhering to principles such as least privilege, defense in depth, fail safe defaults, complete mediation, and regular patching, you create multiple barriers for attackers and reduce the impact of inevitable bugs.


Final Answer:
Applying least privilege, defense in depth, fail safe defaults, complete mediation, and regular updates and patching
