CD-CSP Cybersecurity Principles

The purpose of the Cybersecurity Principles (CSP) Knowledge Unit is to equip students with basic security design fundamentals that enable them to build systems that can be trusted.

Learning outcomes

What a student must demonstrate to claim coverage of this unit. Each outcome links to the skill drills that assess it.

1. CD-CSP-O1 Differentiate and discuss the principles of cybersecurity.
2. CD-CSP-O2 Describe why each principle is important to security and how it enables the development of security mechanisms that can implement desired security policies.
3. CD-CSP-O3 Analyze common security failures and identify specific design principles that have been violated.
4. CD-CSP-O4 Given a specific scenario, identify and apply the design principles involved or needed.
5. CD-CSP-O5 Understand the interaction between security and system usability and the importance for minimizing the effects of security mechanisms.

Topics

The content areas within this unit. Curricula must cover an appropriate subset.

• CD-CSP-T16 Least Privilege
• CD-CSP-T18 Fail Safe Defaults/Fail Secure
• CD-CSP-T20 Minimize Trust Surface (e.g., Reluctance to trust, Zero Trust)

EWU courses that cover this unit

Exam questions that cite this unit

• CSCD240-E1-A-Q40 evaluation-order sort data.txt > data.txt — what happens to data.txt and why?
• CSCD240-E1-A-Q41 setuid Explain the setuid bit in 1-2 sentences using the term "effective user ID".
• CSCD240-E1-B-Q17 evaluation-order sort auth.log > auth.log — what happens, one-sentence why?
• CSCD240-E1-C-Q40 evaluation-order sort /var/log/audit.log > /var/log/audit.log — state and why.