If a component fails, a system should be designed to do which of the following?
A. Change to a protected execution domain
B. Change to a problem state
C. Change to a more secure state
D. Release all data held in volatile memory
Explanation:
The state machine model dictates that a system should start up securely, conduct transitions securely, and even fail securely. This means that if the system encounters something it deems unsafe, it should change to a more secure state for self-preservation and protection.