Q1. What is the principle of least privilege?
ANSWER It states that every user, program, or system component should be
granted only the minimum access rights necessary to perform its intended
function, reducing the attack surface.
Q2. What does 'defense in depth' mean in secure software design?
ANSWER It is a layered security strategy that uses multiple independent
security controls so that if one layer fails, others still protect the system.
Q3. What is the principle of separation of duties?
ANSWER It divides critical tasks among multiple individuals or systems so
no single entity has enough access to cause significant harm or fraud alone.
Q4. What is the fail-safe default principle?
ANSWER Access should be denied by default; explicit permission must be
granted. If a system fails, it should revert to a secure state rather than an open
one.
Q5. What does 'economy of mechanism' mean?
ANSWER Security mechanisms should be as simple and small as possible;
complex designs increase the likelihood of vulnerabilities and make review
harder.
Q6. What is the open design principle?
ANSWER Security should not depend on the secrecy of the design or
implementation; algorithms and mechanisms should be publicly reviewable
while keys remain secret.
Q7. What is complete mediation in secure design?
ANSWER Every access request to every resource must be checked against
the access control mechanism every time, without exception or caching of
results.
Q8. What is psychological acceptability in security design?
, ANSWER Security mechanisms should be easy to use so users naturally
apply them correctly; poor usability leads users to bypass controls.
Q9. What is the principle of least common mechanism?
ANSWER Shared mechanisms that multiple users depend on should be
minimized because shared state creates pathways for information leakage
between subjects.
Q10. What is attack surface reduction?
ANSWER Minimizing the number of entry points, services, APIs, and
exposed components in software to reduce the number of avenues an
attacker can exploit.
Q11. What is the concept of secure defaults?
ANSWER Software should ship with the most secure configuration options
enabled by default so users must actively choose less-secure settings.
Q12. What is the principle of input validation?
ANSWER All data from external sources must be validated for type, length,
format, and range before being processed to prevent injection and other
attacks.
Q13. What is output encoding?
ANSWER Transforming output data into a safe format appropriate for its
context (e.g., HTML encoding) to prevent injection attacks like XSS.
Q14. What is a trust boundary?
ANSWER A boundary between components or systems with different levels
of trust, where data crossing the boundary must be validated and sanitized.
Q15. What is the concept of 'fail securely'?
ANSWER When errors occur, the system should fail in a way that does not
expose sensitive data, grant unauthorized access, or leave the system in an
insecure state.
Q16. What is data minimization?
ANSWER Collecting and retaining only the minimum data necessary for the
intended purpose, reducing exposure in the event of a breach.
Q17. What is the principle of separation of privilege?
ANSWER A system should require more than one condition to be satisfied
before granting access or performing a sensitive operation.
Q18. What is the concept of need-to-know?
, ANSWER Users and systems should only have access to the information
required to perform their specific job function.
Q19. What is immutable infrastructure in secure design?
ANSWER Infrastructure that is never modified after deployment; instead,
new versions replace old ones, reducing configuration drift and unauthorized
changes.
Q20. What is the principle of accountability in secure design?
ANSWER All actions by users and systems should be logged and traceable
to an identity so that breaches and misuse can be investigated.
Q21. What does 'security by design' mean?
ANSWER Security considerations are integrated into every phase of
software development from the beginning, rather than being added as an
afterthought.
Q22. What is a security policy?
ANSWER A formal document that defines the rules, guidelines, and
practices governing how an organization manages and protects its information
assets.
Q23. What is privilege escalation?
ANSWER An attack where a user gains more privileges than intended, either
by exploiting a flaw (vertical escalation) or assuming another user's privileges
(horizontal escalation).
Q24. What is the concept of compartmentalization?
ANSWER Dividing a system into isolated segments so that a breach in one
segment does not automatically compromise others.
Q25. What is the zero-trust security model?
ANSWER A model that assumes no user or system inside or outside the
network perimeter is trusted by default; all access must be continuously
verified.
Q26. What is a secure coding standard?
ANSWER A set of rules and guidelines developers must follow to produce
code free of common vulnerabilities, such as CERT Secure Coding Standards
or MISRA.
Q27. What is the concept of risk-based security?
ANSWER Prioritizing security investments based on the likelihood and
impact of potential threats rather than applying uniform controls to everything.
ANSWER It states that every user, program, or system component should be
granted only the minimum access rights necessary to perform its intended
function, reducing the attack surface.
Q2. What does 'defense in depth' mean in secure software design?
ANSWER It is a layered security strategy that uses multiple independent
security controls so that if one layer fails, others still protect the system.
Q3. What is the principle of separation of duties?
ANSWER It divides critical tasks among multiple individuals or systems so
no single entity has enough access to cause significant harm or fraud alone.
Q4. What is the fail-safe default principle?
ANSWER Access should be denied by default; explicit permission must be
granted. If a system fails, it should revert to a secure state rather than an open
one.
Q5. What does 'economy of mechanism' mean?
ANSWER Security mechanisms should be as simple and small as possible;
complex designs increase the likelihood of vulnerabilities and make review
harder.
Q6. What is the open design principle?
ANSWER Security should not depend on the secrecy of the design or
implementation; algorithms and mechanisms should be publicly reviewable
while keys remain secret.
Q7. What is complete mediation in secure design?
ANSWER Every access request to every resource must be checked against
the access control mechanism every time, without exception or caching of
results.
Q8. What is psychological acceptability in security design?
, ANSWER Security mechanisms should be easy to use so users naturally
apply them correctly; poor usability leads users to bypass controls.
Q9. What is the principle of least common mechanism?
ANSWER Shared mechanisms that multiple users depend on should be
minimized because shared state creates pathways for information leakage
between subjects.
Q10. What is attack surface reduction?
ANSWER Minimizing the number of entry points, services, APIs, and
exposed components in software to reduce the number of avenues an
attacker can exploit.
Q11. What is the concept of secure defaults?
ANSWER Software should ship with the most secure configuration options
enabled by default so users must actively choose less-secure settings.
Q12. What is the principle of input validation?
ANSWER All data from external sources must be validated for type, length,
format, and range before being processed to prevent injection and other
attacks.
Q13. What is output encoding?
ANSWER Transforming output data into a safe format appropriate for its
context (e.g., HTML encoding) to prevent injection attacks like XSS.
Q14. What is a trust boundary?
ANSWER A boundary between components or systems with different levels
of trust, where data crossing the boundary must be validated and sanitized.
Q15. What is the concept of 'fail securely'?
ANSWER When errors occur, the system should fail in a way that does not
expose sensitive data, grant unauthorized access, or leave the system in an
insecure state.
Q16. What is data minimization?
ANSWER Collecting and retaining only the minimum data necessary for the
intended purpose, reducing exposure in the event of a breach.
Q17. What is the principle of separation of privilege?
ANSWER A system should require more than one condition to be satisfied
before granting access or performing a sensitive operation.
Q18. What is the concept of need-to-know?
, ANSWER Users and systems should only have access to the information
required to perform their specific job function.
Q19. What is immutable infrastructure in secure design?
ANSWER Infrastructure that is never modified after deployment; instead,
new versions replace old ones, reducing configuration drift and unauthorized
changes.
Q20. What is the principle of accountability in secure design?
ANSWER All actions by users and systems should be logged and traceable
to an identity so that breaches and misuse can be investigated.
Q21. What does 'security by design' mean?
ANSWER Security considerations are integrated into every phase of
software development from the beginning, rather than being added as an
afterthought.
Q22. What is a security policy?
ANSWER A formal document that defines the rules, guidelines, and
practices governing how an organization manages and protects its information
assets.
Q23. What is privilege escalation?
ANSWER An attack where a user gains more privileges than intended, either
by exploiting a flaw (vertical escalation) or assuming another user's privileges
(horizontal escalation).
Q24. What is the concept of compartmentalization?
ANSWER Dividing a system into isolated segments so that a breach in one
segment does not automatically compromise others.
Q25. What is the zero-trust security model?
ANSWER A model that assumes no user or system inside or outside the
network perimeter is trusted by default; all access must be continuously
verified.
Q26. What is a secure coding standard?
ANSWER A set of rules and guidelines developers must follow to produce
code free of common vulnerabilities, such as CERT Secure Coding Standards
or MISRA.
Q27. What is the concept of risk-based security?
ANSWER Prioritizing security investments based on the likelihood and
impact of potential threats rather than applying uniform controls to everything.
