Sample Final

These are sample questions that are very similar to the ones I will ask on the final.

1. In computer security, a Trojan horse is:
   1. A program that has components distributed over many systems, and is used to launch denial of service attacks
   2. A program that absorbs all available resources of a particular type
   3. A program with an overt, known purpose and a covert, unknown (and probably undesireable) purpose
   4. A program that blocks any incoming spam emails

2. Which of the following does the Needham-Schroeder protocol require?
   1. A trusted third party
   2. A public key cryptosystem
   3. A certificate authority to identify the users
   4. A connection to the Internet

3. Consider a system that used the Bell-LaPadula model to enforce confidentiality and the Biba model to enforce integrity.
   1. If the security classes were the same as integrity classes, what objects could a given process (with some security class that also served as its integrity class) access?
   2. Why is this scheme not used in practice?

4. Define each of the following terms in one short sentence:
   1. public key cryptosystem
   2. challenge-response
   3. computer worm
   4. end-to-end encryption

5. What is a certificate? What is it used for?

6. Does the UNIX operating system enforce the principle of complete mediation for ordinary users (i.e., excluding root)? If not, what needs to be changed to enforce that principle?

7. The following routine reads a file name from the standard input and returns its protection mode. It treats the argument as a file name, and returns the protection mode of the file as a short integer. Identify three non-robust features of this routine, and state how to fix them.

   
   /* return protection mode of the named file */
   short int protmode(void)
   {
       struct stat stbuf;
       char inbuf[100];
   
       gets(inbuf);
       stat(inbuf, &stbuf);
       return(stbuf.st_mode&0777);
   }
   

8. Show how ACLs and C-Lists are derived from an access control matrix.

9. Name the 5 steps in the flaw hypothesis methodology and briefly say what each is. Which part of that methodology is often omitted? Why?

10. Why do some organizations use a DMZ in their network configuration, rather than simply filtering traffic and allowing connections intended for the web and email servers to pass through the firewall?

Matt Bishop Office: 2209 Watershed Sciences Phone: +1 (530) 752-8060 Email: mabishop@ucdavis.edu

ECS 153, Computer Security Version of May 23, 2021 at 9:53PM

You can also obtain a PDF version of this.