1. List and briefly define the fundamental security design principles.
2. Describe the risk analysis approach and the steps in a detailed or formal risk analysis.
3. Describe the basic principles utilized in mandatory access control. How do these basic principles help MAC control the dissemination of information?
4. What is a message authentication code?
5. What is the security of a virtualization solution dependent upon? List a set of recommendations to address these dependencies.
6. List the items that should be included in an IT security implementation plan.
7. Describe the inference problem in databases. What are some techniques to overcome the problem of inference?
8. Describe what information about a web server is stored in an SSL server certificate.
9. Explain why input validation mitigates the risks of SQL injection attacks.
10. What are the benefits and risks of server-side scripting?