Answer the following questions. 1) A company develops a new

Reference no: EM13379997

Answer the following questions.

1) A company develops a new security product using the extreme programming software development methodology. Programmers code, then test, then add more code, then test, and continue this iteration. Every day they test the code base as a whole. The programmers work in pairs when writing code to ensure that at least two people review the code. How would you explain to this company how their software is in fact not "high assurance" software?

2) Consider how a system with capabilities as its access control mechanism could deal with Trojan Horses.

A) In general, do capabilities offer more or less protection against Trojan horses than do access control lists? Justify your answer in light of the theoretical equivalence of ACLs and C-Lists.

B) Consider now the inheritance of properties of new processes. If the creator controls which capabilities the created process is given initially, how could the creator limit the damage that a Trojan horse will do?

C) Can capabilities protect against all Trojan horses? Either show that they can or describe a Trojan horse process that C-Lists cannot protect against.

3) Assume that the Clark-Wilson model is implemented on a computer system. Could a computer virus that scrambled constrained data items be introduced into the system? Why or why not? Specifically, if not, identify the precise control that would prevent the virus from being introduced, and explain why it would prevent the virus from being introduced; if yes, identify the specific control or controls that would allow the virus to be introduced and explain why they fail to keep it out.

4) Classify the following vulnerabilities using the RISOS model. Assume that the classification is for the implementation level. Justify your answer:

a) The presence of the wiz command in the sendmail program

b) The failure to handle the IFS shell variable by loadmodule

c) The failure to select an Administrator password that was difficult to guess

d) The failure of the Burroughs system to detect offline changes to files

5) A common error in the UNIX system occurs during configuration of bind, a directory name server. The time-to-expire field is set at 0.5 because the administrator believes that this field's unit is minutes (and wishes to set the time to 30 seconds). However, bind expects the field to be in seconds and reads the value as 0, meaning that no data is ever expired.

a) Classify this vulnerability using the RISOS model, and justify your answer.

b) Classify this vulnerability using the PA model, and justify your answer.

c) Classify this vulnerability using Aslam's model, and justify your answer.

6) Essay question: Secure software certification. Your present company is at EAL4. You are the new program manager on this effort and your job is to bring your present secure software package to EAL7. Explain to me your management plan for upgrading your present software package from EAL4 to EAL7. Your management plan should include discussing your past documentation (assignment #2), the difference between EAL4 and EAL7, what additional paperwork will be needed to reach EAL7 certification, and finally, define your risk based on reusing software code for this migration from EAL4 to EAL7 certification.


All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd