FILL-IN THE BLANK QUESTION
Question 1) The information transfer path by which unauthorized data is obtained is referred to as an ___________ channel
Question 2) ________ is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction.
Question 3) Gust OSs are managed by a ______, or VMM, that coordinates access between each of the guests and the actual physical hardware resources..
SHORT ANSWER QUESTION
Question 4) How can web site differentiate between lack of capacity and denial-of-service attack? For instance, web sites often experience tremendous increase in volume of traffic right after the advertisement with the site's URL is shown on television during broadcast of popular sporting event. That spike in usage is a result of normal access which happens to occur at the same time. How can a site find out that high traffic is reasonable?
Question 5) What are some of individual rights associated with information privacy? Do expectations of privacy change depending on the individual's environment? If so, how?
Question 6) Why is the firewall a good place to implement a VPN? Why not implement it at the actual server(s) being accessed?
Question 7) Suppose you operate the Apache-based Linux Web server which hosts your company’s e-commerce site. Suppose further that there is worm called “WorminatorX,” that exploits a (fictional) buffer overflow bug in Apache Web server package which can result in a remote root compromise. Construct a simple threat model which explains the risk this represents: assets, vulnerability, attack-vector, attacker(s), likelihood of occurrence, likely impact, and plausible mitigations
Question 8) Consider the popular DRM system like Apple’s FairPlay, used in to protect audio tracks purchased from iTunes music store. If the person purchased the track from iTunes store by the artist managed by record company like EMI, identify which company or person fulfils each of the DRM component roles.