From the course: CISSP Cert Prep (2021): 3 Security Architecture and Engineering


Secure defaults

- [Instructor] As we wrap up our discussion of secure design, let's talk about a few more important security design principles. The first of these is secure defaults. The secure defaults principle simply says that the systems we design should default to a secure mode if we don't do anything else. Configuration settings should default to secure options and require intervention to modify those options rather than defaulting to a weak configuration. Now you already know at least one example of secure defaults. The implicit deny rule used by firewalls is a great example of a secure default. If you take a firewall out of the box and pop it onto a network, it only has one rule, deny everything. The firewall won't allow any traffic to pass until it's configured with rules explicitly allowing that access. That's an example of a secure default. Engineers across all disciplines are familiar with another basic design principle…
