Certified Information Systems Security Professional (CISSP) — Question 363

What security principle addresses the issue of "Security by Obscurity"?

Answer options

• A. Open design
• B. Role Based Access Control (RBAC)
• C. Segregation of duties (SoD)
• D. Least privilege

Correct answer: A

Explanation

The correct answer is A, Open design, as it emphasizes that security should not depend on keeping the system's inner workings secret. Options B, C, and D focus on different security measures that do not inherently address the flaws of 'Security by Obscurity'.