Which security design principle espouses the practice “Security should not depend on security-through-obscurity”?

  A. Defense-in-depth

  B. Open design

  C. Complete mediation

  D. Analyzability


Correct Option: B

AI Explanation

To answer this question, you need to understand the concept of "security-through-obscurity" and the corresponding security design principle.

Option A) Defense-in-depth - This option is incorrect. Defense-in-depth is a security design principle that advocates for implementing multiple layers of security measures to protect against potential threats. It does not specifically address the practice of "security-through-obscurity."

Option B) Open design - This option is correct. Open design is a security design principle that says a system should not rely on secrecy or on hiding its security mechanisms. Security should be based on the strength of the design and not on keeping the design secret. It therefore aligns with the practice "Security should not depend on security-through-obscurity."

Option C) Complete mediation - This option is incorrect. Complete mediation is a security design principle that focuses on the concept of ensuring that every access to a system or resource is checked and authorized. It does not directly relate to the practice of "security-through-obscurity."

Option D) Analyzability - This option is incorrect. Analyzability is a security design principle that emphasizes the importance of being able to analyze and understand the security mechanisms and design of a system. While it is related to the overall security of a system, it does not specifically address the practice of "security-through-obscurity."

The correct answer is B) Open design, because it is the principle that matches the practice "Security should not depend on security-through-obscurity."
