Why should information security system be as simple as possible?
What will be an ideal response?
Because attacks can come from a variety of sources and in many forms, information security is, by its very nature, complex. And the more complex something becomes, the more difficult it is to understand. A security guard who does not understand how motion detectors interact with infrared trip lights may not know what to do when one system alarm shows an intruder but the other does not. In addition, complex systems allow many opportunities for something to go wrong. In short, complex systems can be a thief 's ally.
The same is true with information security. Complex security systems can be hard to understand, hard to troubleshoot, and hard to feel secure about. As much as possible, a secure system should be simple enough for those on the inside to understand and use. Complex security schemes are often compromised to make them easier for trusted users to work with, yet this can also make it easier for the attackers as well.
You might also like to view...
A(n) notation must supply a name for the data type and provide clues about how applications should handle the data.
Answer the following statement true (T) or false (F)
Which of the following statements are true?
a. ObjectInputStream/ObjectOutputStream enables you to perform I/O for objects in addition for primitive type values and strings. b. Since ObjectInputStream/ObjectOutputStream contains all the functions of DataInputStream/DataOutputStream, you can replace DataInputStream/DataOutputStream completely by ObjectInputStream/ObjectOutputStream. c. To write an object, the object must be serializable. d. The Serializable interface does not contain any methods. So it is a mark interface. e. If all the elements in an array is serializable, the array is serializable too.