User Account

All Pages

Classify the following vulnerabilities using the risos model

Assignment Help Basic Computer Science
Reference no: EM13712168 , Length: 3900 Words

The book that we use is Computer Security Art and Science by Matt Bishop. Each answer should be from 600- 900 words.

Answer the following questions.

1)(12 pts.) Chapter 18 (pgs. 494-495) -Problem#7

A company develops a new security product using the extreme programming software development methodology. Programmers code, then test, then add more code, then test, and continue this iteration. Every day, they test the code base as a whole. The programmers work in pairs when writing code to ensure that al least two people review the code. The company does not adduce any additional evidence of assurance. How would explain to the management of this company why their software is in fact not "High-assurance" software?

2) (15 pts.) Chapter 22 (pgs. 642-643) -Problem#2

Consider how a system with capabilities as its access control mechanism could deal with Trojan horses.

  1. In general, do capabilities offer more or less protection against Trojan horses than do access control lists? Justify you answer in light of the theoretical equivalence of ACLs and C-Lists.
  2. Consider now the inheritance properties of new processes. If the creator controls which capabilities the created process is given initially, how could the creator limit the damage that a Trojan horse could do?
  3. Can capabilities protect against all Trojan horses? Either show that they can or describe a Trojan horse process that C-Lists cannot protect against.

3) (18 pts.) Chapter 22 (pgs. 642-643) -Problem#12

Assume that the Clark- Wilson model is implemented on a computer system. Could a computer virus that scrambled constrained data items be introduced into the system? Why or why not? Specifically, if not, identify the precise control that would prevent the virus from being introduced, and explain why it would prevent the virus from being introduced; if yes, identify the specific control or controls that would allow the virus to be introduced and explain why they fail to keep it out.

 

4) (20 pts.) Chapter 23 (pgs. 685-687) -Problem#1

Classify the following vulnerabilities using the RISOS model. Assume that the classification is for the implementation level. Justify your answer.

  1. The presence of the "wiz" command in the sendmail program (see Section 23.2.8)
  2. The failure to handle the IFS shel variable by loadmodule. (see Section 23.2.8).
  3. The failure to select an Administrator password that was difficult to guess. (see Section 23.2.9).
  4. The failure of the Burroughs system to detect offline changes to files (see Section 23.2.6).

5) (15 pts.) Chapter 23 (pgs. 685-687) -Problem#4

A common error on UNIX systems occurs during the configuration of bind, and directory name server. The time-to-expire field is set at 0.5 because the administrator believes that this fields unit is minutes (and wishes to set the time to 30 seconds). However, bind expects the field to be in seconds and reads the value as 0- meaning that no data is ever expired.

  1. Classify this vulnerability using the RISOS model, and justify your answer
  2. Classify this vulnerability using the PA model, and justify your answer.
  3. Classify this vulnerability using Aslam's model, and justify your answer,

Reference no: EM13712168

Questions Cloud

Single-stage ideal regenerative steam cycle : A single-stage ideal regenerative steam cycle has a boiler pressure and temperature of 5000 kPa and 500 C, and a condensing pressure of 10 kPa. The extraction pressure is 500 kPa.
What is the apparent gravity at the counterweight : Space stations don't need to be round to have artificial gravity. The tethered spacecraft in the diagram to the right represents an alternative design. Put the astronauts in a passenger capsule. (Put the "spam in a can" as they say.) Tether it to a h..
Oil has a specific gravity : Oil flows at a rate of 12gpm from a vented tank (pressure at point 1 is zero) through 1 inch inner diameter pipes and elbows, and through a pump and motor as shown. The pump adds HHPp= 3hp to and the motor extracts HHPm= 1hp from the fluid power.
Solar energy impinging on outer layer of earth’s atmosphere : Solar energy impinging on the outer layer of earth’s atmosphere (usually called “solar constant”) has been measured as 1367W/m^2. What is the solar constant on Mars
Classify the following vulnerabilities using the risos model : Classify the following vulnerabilities using the RISOS model. Assume that the classification is for the implementation level. Justify your answer.
Calculate the minimum amount of energy : Calculate the minimum amount of energy, in joules, required to completely melt 102 g of silver initially at 42.0°C. The melting point of silver is at 962°C.
What is the length of the rod : An aluminum-alloy rod has a length of 10.380 cm at 24.00°C and a length of 10.423 cm at the boiling point of water.
What is the acceleration of the heavier object : An unspecified force causes a 0.1-kg object to accelerate at 0.3 m/s2. If 0.4 kg is added to the 0.1-kg object and the force remains the same.
What is the acceleration of the heavier object : An unspecified force causes a 0.1-kg object to accelerate at 0.3 m/s2. If 0.4 kg is added to the 0.1-kg object and the force remains the same.

Reviews

Write a Review

Basic Computer Science Questions & Answers

  Identifies the cost of computer

identifies the cost of computer components to configure a computer system (including all peripheral devices where needed) for use in one of the following four situations:

  Input devices

Compare how the gestures data is generated and represented for interpretation in each of the following input devices. In your comparison, consider the data formats (radio waves, electrical signal, sound, etc.), device drivers, operating systems suppo..

  Cores on computer systems

Assignment : Cores on Computer Systems:  Differentiate between multiprocessor systems and many-core systems in terms of power efficiency, cost benefit analysis, instructions processing efficiency, and packaging form factors.

  Prepare an annual budget in an excel spreadsheet

Prepare working solutions in Excel that will manage the annual budget

  Write a research paper in relation to a software design

Research paper in relation to a Software Design related topic

  Describe the forest, domain, ou, and trust configuration

Describe the forest, domain, OU, and trust configuration for Bluesky. Include a chart or diagram of the current configuration. Currently Bluesky has a single domain and default OU structure.

  Construct a truth table for the boolean expression

Construct a truth table for the Boolean expressions ABC + A'B'C' ABC + AB'C' + A'B'C' A(BC' + B'C)

  Evaluate the cost of materials

Evaluate the cost of materials

  The marie simulator

Depending on how comfortable you are with using the MARIE simulator after reading

  What is the main advantage of using master pages

What is the main advantage of using master pages. Explain the purpose and advantage of using styles.

  Describe the three fundamental models of distributed systems

Explain the two approaches to packet delivery by the network layer in Distributed Systems. Describe the three fundamental models of Distributed Systems

  Distinguish between caching and buffering

Distinguish between caching and buffering The failure model defines the ways in which failure may occur in order to provide an understanding of the effects of failure. Give one type of failure with a brief description of the failure

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd