The Data and Analysis Center for Software (DACS) specifies three general principles for software
assurance which work as a framework in order to categorize various secure design principles.
Which of the following principles and practices does the General Principle 1 include? Each correct
answer represents a complete solution. Choose two.
A.
Principle of separation of privileges, duties, and roles
B.
Assume environment data is not trustworthy
C.
Simplify the design
D.
Principle of least privilege
Explanation:
General Principle 1- Minimize the number of high-consequence targets includes the
following principles and practices:
Principle of least privilege Principle of separation of privileges, duties, and roles Principle of
is included in the General Principle 3.