Homework 4

Due: November 21, 2025
Points: 100

Short Answer

Answer these questions in one or two sentences.

  1. (5 points) In election terminology, what is a DRE+VVPAT?
  2. (5 points) Define “malware”.
  3. (5 points) What is the entropy of the result of a coin toss, assuming the coin is equally likely to come up heads or tails?

Longer Answer

You can use more than 1 or 2 sentences to answer these. Remember to write clearly (if you need help, go to the Writing Center on campus) and justify your answers!

  1. (20 points) An attacker breaks into a web server running on a Windows Server 2025. Because of the ease with which he broke in, he concludes that the Windows Server 2025 is an operating system with very poor security features. Is his conclusion reasonable? Why or why not?

  2. (20 points) A computer system provides protection using the Biba integrity model. Assuming the discretionary controls are set to allow reading and writing on all files, how would a virus spread if:
    1. the virus were placed on the system at system low (the compartment that all other compartments dominate)?
    2. the virus were placed on the system at system high (the compartment that dominates all other compartments)?

  3. (20 points) Discuss controls that would prevent Dennis Ritchie's bacterium (see Section 23.6.1) from absorbing all system resources and causing a system crash.

  4. (25 points) Consider the statement 
    if (x = 1) and (y = 1) then x := 1
    where x and y can each be 0 or 1, with both equally likely and z is initially 0. Compute the conditional entropies H(x | z′) and H(y | z′).
UC Davis sigil
Matt Bishop
Office: 2209 Watershed Sciences
Phone: +1 (530) 752-8060
Email: mabishop@ucdavis.edu
ECS 235A, Computer and Information Security
Version of November 11, 2025 at 9:20PM

 You can also obtain a PDF version of this.

Valid HTML 4.01 Transitional Built with BBEdit Built on a Macintosh