Official (ISC)² CSSLP - Domain 1
Secure Software Concepts Exam Q&A
Disposition - ANSWER-The secure disposal of software and the data the software
processes, transmits, and stores.
Economy of mechanism - ANSWER-A security design principle that states that the
likelihood of vulnerabilities increases with the complexity of the software design.
Fail safe - ANSWER-A security design principle that ensures that when the software
fails, the confidentiality, integrity, and availability of the software are still maintained
along with rapid recovery. Also known as Fail Secure.
Integrity - ANSWER-A security concept that assures protection against unauthorized
alterations (or modifications).
Least common mechanism - ANSWER-A security design principle that states that
when the software is architected, the mechanisms that are common (shared)
between two different users or processes must be minimized.
Least privilege - ANSWER-A security design principle in which a user or process is
explicitly given only the necessary and minimum level of access rights (privileges) for
a specified amount of time, in order to complete an operation.
Leveraging existing components - ANSWER-A security design principle that ensures
that the attack surface is not increased and no newer vulnerabilities are introduced
because existing components of code/functionality are reused (leveraged) when
architecting software.
Non-repudiation - ANSWER-A security concept that addresses the deniability of
actions taken by the software or the user. It ensures that the actions taken by the
software on behalf of the user (intentionally or unintentionally) cannot be refuted or
denied.
Open design - ANSWER-A security design principle that states that the security of
the software/system should not be a secret, but be open for review.
Psychological acceptability - ANSWER-A willingness of users to accept a particular
control.
Separation of duties - ANSWER-A security design principle that ensures that no one
person or process can complete an operation in its entirety. It is also referred to as
the compartmentalization principle.