Explanation of why each principle is important to security and how it enables the development of security mechanisms to implement desired security policies
Description
Cybersecurity Principles Reference Guide
Assessment Description
Cybersecurity principles of IT focus on a set of practices intended to keep a corporate infrastructure secure.
These practices include, but are not limited to, system, data, internal, external, and physical security. The
principles are designed to prevent unauthorized access or alterations of a corporate environment. By
understanding how cybersecurity principles are defined, they can be used to develop a comprehensive,
corporate-specific, security policy.
Assignment:
For each of the principles listed, include the following:
• Definition (1-2 sentences written in your own words)
• Explanation of why each principle is important to security and how it enables the development of security
mechanisms to implement desired security policies
- Separation (of domains/duties)
- Isolation
- Encapsulation
- Modularity
- Simplicity of design (economy of mechanism)
- Minimization of implementation (least common mechanism)
- Open design
- Complete mediation
- Least privilege
- Fail-safe defaults/Fail secure
- Least astonishment (psychological acceptability)
- Minimize trust surface (reluctance to trust)
- Usability
- Trust relationships
***Please provide a definition and explanation for each of the 14 principles
