Answers.
What is the definition of "Reference Monitor"? correct answers An access control concept that
refers to an abstract machine that mediates all accesses to objects by subjects.
Define "Prevention". correct answers Takes measures that prevent assets from being damaged.
What is the definition of "Security Kernel"? correct answers The hardware, firmware and
software elements of a trusted computing base that implement the reference monitor concept. It
must mediate all accesses, be protected from modification, and be verifiable as correct.
What is the definition of "Trusted Computing Base (TCB)"? correct answers The totality of
protection mechanisms within a computer system, including hardware, firmware and software,
which are responsible for enforcing a security policy (one or more combined).
What are the core requirements on the implementation of the reference monitor? correct answers
RVM = Reference Validation Mechanism
- RVM must be tamper proof.
- RVM must always be invoked.
- RVM must be small enough to be subject to analysis and tests to be sure that it is correct.
Define "Detection". correct answers Takes measures so that you can detect when, how, and by
whom an asset has been damaged.
Define "Reaction". correct answers Takes measures so that you can recover your assets or
recover from damage to your assets.
What does Gollmann say about security strategies? correct answers The more you invest into
prevention, the more you have to invest into detection to make sure prevention is working.
What are the 5 security objectives / goals? correct answers Confidentiality, Integrity, Availability,
Authenticity, Accountability
Define "Confidentiality". correct answers Prevent unauthorized disclosure of information.
(Reading)
Define "Integrity". correct answers Prevent unauthorized modification of information (writing ->
internal & external consistency)
Define "Availability". correct answers Prevent unauthorized withholding of information or
resources
Define "Authenticity". correct answers Know who is talking to us
Define "Accountability". correct answers Also referred to as "Non-repudiation". Prove that an
entity was involved in some event
Define "Non-Repudiation". correct answers Service which provides unforgeable evidence (not
irrefutable) that a specific action occurred.
What is the difference between origin and delivery in Non-Repudiation? correct answers One
protects against a sender of data denying that data was sent versus the protections against a
receiver of data denying that data was received.
Define "Policy". correct answers What the system should / should not do (broader than AC)
Define "Mechanism". correct answers A method, tool, or procedure for enforcing policy (broader
than AC)
Define "Access Control". correct answers Type of mechanism to control access to resources
according to a specified policy
Define "Confinement". correct answers The isolation of an entity (generally code) to enforce a
given policy
In what 5 areas can a reference monitor be placed? correct answers Hardware (microprocessors),
OS Kernel (Hypervisor), OS (Unix & Windows), Services Layer (Java VM) and Application.
What is a hypervisor? correct answers Used to separate users, or applications for that matter, by
providing each with a separate virtual machine.
What is a minor consideration when choosing where to place the reference monitor? correct
answers Where should it be placed with reference to the program it should control.
How are reference monitors differentiated? correct answers On the basis of their ability to
inspect and modify programs being executed by subjects (processes)
What are the 3 types of architectures in relation to reference monitors? correct answers
- Layer Below Architecture
- Interpreter Architecture
- In Line Architecture
What does an "execution monitor" do? correct answers Looks at the history of execution steps
but does not try to predict the outcome of possible future executions.
Describe "Layer Below Architecture". correct answers Found in hardware, operating systems,
most service layer approaches (e.g. CORBA). Most common approach