CISA Certified Information Systems Auditor – Question 1774

“Everything not explicitly permitted is forbidden” has which of the following kinds of tradeoff?

A. it improves security at a cost in functionality.
B. it improves functionality at a cost in security.
C. it improves security at a cost in system performance.
D. it improves performance at a cost in functionality.
E. None of the choices.

Correct Answer: A

Explanation:

“Everything not explicitly permitted is forbidden” (default deny) improves security at a cost in functionality. This is a good approach if you have lots of security threats. On the other hand, “Everything not explicitly forbidden is permitted” (default permit) allows greater functionality by sacrificing security. This is only a good approach in an environment where security threats are non-existent or negligible.