Principles of Cybersecurity Reference Guide
CYB-515
Grand Canyon University
November 14th, 2023
| Principle | Definition | Security Importance |
|---|---|---|
| Separation (of domains/duties) | Separating different systems to prevent unauthorized access and limit the impact of a security breach | Reduces the attack surface by compartmentalizing functions and responsibilities, making it harder for an attacker to compromise the entire system (Imperva, n.d.) |
| Isolation | Creating boundaries between software components to contain the impact of security incidents | Prevents the spread of a compromise, ensuring that even if one part is breached, the rest remains secure (Plankers, 2020) |
| Encapsulation | Packaging components so that their internal workings are hidden and access is controlled through well-defined interfaces | Enables controlled and secure communication between different parts of a system, prevents unauthorized interference and protects the integrity of the encapsulated components (Sumo Logic, n.d.) |
| Modularity | Breaking a system into small, independently replaceable modules | Allows easier management and updating of components without affecting the entire system (Silverthread, July 14) |
| Simplicity of Design (economy of mechanism) | A simple design that reduces the likelihood of security vulnerabilities and is easier to understand and manage | A simple design is more likely to be secure because there are fewer elements to analyze, and the potential for oversights or errors is minimized (Pearson, 2003) |
| Minimization of Implementation (least common mechanism) | Minimizing the use of shared mechanisms between different users or components | By limiting shared mechanisms, the impact of a compromise is contained and overall security is enhanced (Pearson, 2003) |
| Open Design | A design that invites external review and validation, contributing to transparency and trustworthiness | Allows scrutiny by the public, increasing the likelihood of identifying and addressing security vulnerabilities (Pearson, 2003) |
| Complete Mediation | Helps prevent the circumvention of security measures | Ensures that security policies are consistently enforced, leaving no gaps for unauthorized access (Pearson, 2003) |
| Layering (defense in depth) | Implementing multiple layers of security mechanisms to protect against different types of attacks | Provides redundancy and resilience, making it harder for an attacker to compromise the entire system (Fortinet, n.d.) |
| Least Privilege | Granting users the minimum level of access or permissions necessary to perform their tasks | Minimizes the potential damage caused by a security breach and reduces the attack surface (Pearson, 2003) |
| Fail-Safe Defaults (open/secure) | Systems should default to a secure state in the event of an error or failure | Prevents unauthorized access and minimizes the risk of security incidents in case of system failures (Pearson, 2003) |
| Least Astonishment (psychological acceptability) | Designing security mechanisms that align with users' expectations and mental models | Important for user acceptance and adherence to security policies, as systems that behave unexpectedly may lead to insecure practices (Pearson, 2003) |
| Minimize Trust Surface (reluctance to trust) | The points in a system where trust is extended | Minimizing the trust surface reduces the opportunities for attackers to exploit trust relationships and limits the potential impact of a compromised trust point (NcyteCenter, n.d.) |
| Usability | Ensuring that users can effectively and correctly use security features | Encourages users to follow secure practices and prevents security measures from being circumvented due to user frustration or confusion (NcyteCenter, n.d.) |
| Trust Relationships | Building and managing trust relationships is essential for security | Trust should be established only where necessary, and the terms of trust relationships should be clearly defined to minimize the risk of exploitation (NcyteCenter, n.d.) |
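The following Python example is added here to show three of the principles in the table working together in code; it is not part of the reference guide or of any cited source. A small reference monitor checks every request against an explicit allow-list (complete mediation), starts from "deny" and stays there on any error (fail-safe defaults), and grants each principal only the specific (resource, action) pairs it needs (least privilege). The principals, file names and policy are constructed sample data.

```python
"""Reference monitor illustrating complete mediation, fail-safe defaults and
least privilege. Added example, not from the reference guide; every name,
resource and policy entry below is constructed for illustration."""
from enum import Enum


class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"


class ReferenceMonitor:
    """Mediates every access against an explicit allow-list policy.

    policy maps a principal name to the set of (resource, action) pairs it
    may perform. Anything absent is denied (least privilege); any error
    while evaluating is also denied (fail-safe default); and no decision is
    cached, so every request is re-evaluated (complete mediation).
    """

    def __init__(self, policy):
        self._policy = policy
        self.audit_log = []          # one entry per mediated request

    def grant(self, principal, resource, action):
        self._policy.setdefault(principal, set()).add((resource, action))

    def revoke(self, principal, resource, action):
        self._policy.get(principal, set()).discard((resource, action))

    def check(self, principal, resource, action):
        decision = Decision.DENY     # fail-safe: deny unless explicitly allowed
        try:
            allowed = self._policy.get(principal, set())
            if (resource, action) in allowed:
                decision = Decision.ALLOW
        except Exception:            # corrupted policy entry, wrong types, ...
            decision = Decision.DENY  # an error never widens access
        self.audit_log.append((principal, resource, action, decision.value))
        return decision


class FileStore:
    """Toy resource that serves nothing without the monitor's approval."""

    def __init__(self, monitor, files):
        self._monitor = monitor
        self._files = files

    def read(self, principal, name):
        # Complete mediation: the check happens on this call and is never
        # remembered from an earlier one, so a revocation applies at once.
        if self._monitor.check(principal, name, "read") is Decision.ALLOW:
            return self._files[name]
        return None


def run_demo():
    """Exercise the three principles; returns the sequence of read results."""
    # Constructed sample policy: alice may only read report.txt.
    policy = {"alice": {("report.txt", "read")}}
    monitor = ReferenceMonitor(policy)
    store = FileStore(monitor, {"report.txt": "Q3 numbers",
                                "secret.txt": "key material"})
    results = []
    results.append(store.read("alice", "report.txt"))  # allowed
    results.append(store.read("alice", "secret.txt"))  # least privilege: denied
    results.append(store.read("bob", "report.txt"))    # unknown principal: denied
    monitor.revoke("alice", "report.txt", "read")
    results.append(store.read("alice", "report.txt"))  # complete mediation: denied now
    policy["alice"] = None                             # simulate a corrupted policy entry
    results.append(store.read("alice", "report.txt"))  # fail-safe default: denied, no crash
    return results


if __name__ == "__main__":
    print(run_demo())
```

The design point is that the monitor's only path to ALLOW is an explicit match; a missing principal, a missing permission, a revoked permission and a corrupted policy entry all fall through to the same DENY, and every one of those outcomes is written to the audit log.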
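This second Python example, also added here and not part of the reference guide, illustrates the least common mechanism and isolation rows of the table with a cache. A cache shared by all users and keyed only by the resource name hands the first caller's view to every later caller, a cross-user leak that needs no attacker at all; partitioning the cache per user removes the shared mechanism and lets one user's entries be cleared without touching anyone else's. The users, resource names and loader function are constructed sample data.

```python
"""Shared vs partitioned cache: an added illustration of the least common
mechanism and isolation principles. Not from the reference guide; the
users, resources and loader below are constructed sample data."""


def load_view(user, resource):
    # Constructed back-end: the content of a resource depends on who asks
    # (think of a report filtered to what each user may see).
    return f"{resource} as rendered for {user}"


class SharedCache:
    """Weak setting: one cache for all users, keyed by resource only.

    The cache is a mechanism shared between users. The first caller's view
    is stored and every later caller gets it back, whoever they are.
    """

    def __init__(self, loader):
        self._loader = loader
        self._entries = {}

    def get(self, user, resource):
        if resource not in self._entries:
            self._entries[resource] = self._loader(user, resource)
        return self._entries[resource]


class PartitionedCache:
    """Corrected setting: the cache is partitioned per user.

    Keying on (user, resource) removes the shared mechanism: one user's
    entries are never served to another, and evicting one user's partition
    leaves every other partition untouched (isolation).
    """

    def __init__(self, loader):
        self._loader = loader
        self._entries = {}

    def get(self, user, resource):
        key = (user, resource)
        if key not in self._entries:
            self._entries[key] = self._loader(user, resource)
        return self._entries[key]

    def evict_user(self, user):
        """Drop only this user's entries; returns how many entries remain."""
        for key in [k for k in self._entries if k[0] == user]:
            del self._entries[key]
        return len(self._entries)


def compare():
    """Return what bob sees from each cache after alice has primed it."""
    shared = SharedCache(load_view)
    partitioned = PartitionedCache(load_view)
    shared.get("alice", "report.txt")
    partitioned.get("alice", "report.txt")
    return {
        "shared": shared.get("bob", "report.txt"),         # alice's view leaks
        "partitioned": partitioned.get("bob", "report.txt"),  # bob's own view
    }


if __name__ == "__main__":
    print(compare())
```

The same pattern applies to any mechanism two principals share: temporary files, connection pools, session objects or process memory. The check to make when reviewing such code is whether the identity of the caller is part of the key that selects the shared state.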
References

Fortinet (n.d.). Defense in Depth. https://www.fortinet.com/resources/cyberglossary/defense-in-depth

Imperva (n.d.). Separation of Duty. https://www.imperva.com/learn/data-security/separation-of-duties/

NcyteCenter (n.d.). Cybersecurity Principles. https://www.ncyte.net/faculty/cybersecurity-curriculum/college-curriculum/interactive-lessons/cybersecurity-principles

Pearson (2003). InformIT: Design Principles for Security Mechanisms. https://www.informit.com/articles/article.aspx?p=30487&seqNum=2#:~:text=The%20principle%20of%20economy%20of%20mechanism%20states%20that,fewer%20components%20and%20cases%20need%20to%20be%20tested.

Plankers, B. (2020). The Importance of Isolation for Security. https://blogs.vmware.com/vsphere/2020/07/importance-of-isolation-for-security.html

Silverthread (July 14). The Importance of Modularity in Software Security and Applying Dependency Analysis for Code Security. https://www.silverthreadinc.com/post/the-importance-of-modularity-in-software-security-and-applying-dependency-analysis-for-code-security

Sumo Logic (n.d.). What is Encapsulation. https://www.sumologic.com/glossary/encapsulation/