Question 125
Main Page
Which of the following best defines the principle of “assume external systems are insecure”?
A. Trust third-party security controls
B. Encrypt only internal communications
C. Validate inputs and treat external systems as untrusted
D. Apply public key infrastructure to all assets
Answer: Validate inputs and treat external systems as untrusted
This principle promotes cautious integration and validation of all data from external sources.