Question 1

F​ill in the blanks:

The principle of ______ says that security mechanisms should not add to the difficulty of accessing a resource; it is an idealized version of the principle of ______, which says that security mechanisms should match the user's mental model, so he or she is not surprised by what is required.


Question 2

Which of the following is part of the principle of fail-safe defaults?


Question 3

Which of the following is a violation of the principle of open design?


Question 4

Which principle is reflected by the structure of a castle with a moat, two walls, and a keep?


Question 5

Which of the following is part of the principle of fail-safe defaults?


Question 6

Which of the principles does using complex interfaces and code violate? Pick the best one.