INFORMATION SECURITY AND AUDIT
SOLVED PRACTICE QUESTIONS

Principle of Fail-Safe Defaults

The Principle of Fail-Safe Defaults, one of the design principles set out by Saltzer and Schroeder in 1975, states that access decisions should be based on permission rather than exclusion: the default for any subject is no access, and a system that fails should fail into that denying state. The reasoning is practical. A mistake in a permission-based design refuses a legitimate request, which is noticed and corrected; a mistake in an exclusion-based design silently grants access that should not exist, and may go undetected for a long time.

Elements of the Principle

  1. Deny by Default:
    • Access to a resource is denied unless a specific, explicit policy grants it. A subject, resource or action that no policy mentions gets nothing, so access cannot be obtained by mistake or oversight.
  2. Secure Failure Modes:
    • When a system encounters an error or cannot complete a check, it should fall into the secure (denying) state rather than the open one; this is usually called failing closed. For example, if a firewall or an authorization service cannot evaluate its policy, it should block traffic rather than pass it. If availability must win in a particular case, that fail-open behaviour should be a deliberate, documented decision, not an accident of the code.
  3. Explicit Permissions:
    • Access permissions should be granted explicitly rather than inferred from the absence of a restriction. A check that starts from "allowed" and only flips to "denied" on a matching rule will grant access whenever the rule is missing or misspelled.
  4. Error Handling:
    • Error handling should default to the secure option: validate inputs, treat an exception or timeout in an authorization path as a denial, and return a generic message to the caller while recording the detail in logs that users cannot read.
  5. Audit and Review:
    • Regularly audit and review configurations and permissions to confirm that defaults are secure and that no unauthorized changes have been made. Pay particular attention to code paths that could not reach a policy decision (timeouts, missing entries, exceptions) and confirm that each of them ends in a denial.