CISSP Practice Question – Security Architecture & Engineering (Assurance & Design Principles)
A national intelligence agency is designing a new system to process both Top Secret and Unclassified data simultaneously. Engineers propose using a formally verified microkernel operating system that enforces strict separation between processes through hardware-based memory isolation.
During review, an executive asks why the team insists on this complex design instead of using simpler software-based access controls at the application layer.
Which concept BEST justifies the microkernel approach?
A. Complete mediation — ensuring every access request is validated against the security policy.
B. Security kernel — implementing reference monitor functions at the lowest level of the system.
C. Layered defense — using multiple, independent safeguards at different levels of abstraction.
D. Economy of mechanism — minimizing system complexity to reduce potential vulnerabilities.
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group