Part A
1. List the taxonomy of program flaws
2. List any two examples for non-malicious program errors
3. Definetime-of-check to time-of-use (TOCTTOU) flaw
4. Expand VIRUS
5. What are the Kinds of Malicious Code give example for each.
6. What are the effects of Brain virus and internet worm
7. What is XCP? Where is it found
8. What is Salami Attack?
9. What are the good software development practices
10. List the top 10 web app attacks
11. List the top 10 programming errors vulnerabilities
Part B
1. Explain the non-malicious program errors with an example
2. Explain the incomplete mediation with an example
3. Explain the types of malicious programs in a table format with columns: Name, Example, mechanism/process, tools, effects etc.,
4. Explain Viruses
5. List three controls that could be applied to detect or prevent salami attacks.
6. How Viruses Gain Control?
7. Explain Brain Virus in detail?
8. Targeted Malicious Code - Write about the various types and its implication in tabular form
9. How cohesion and coupling helps in security analyst process
10. Write notes in Hazard analysis
11. Explain A1-A5 in detail
12. Explain top 25 programming errors
13. Suppose you are a customs inspector. You are responsible for checking suitcases for secret compartments in which bulky items such as jewelry might be hidden. Describe the procedure you would follow to check for these compartments.
14. Your boss hands you a microprocessor and its technical reference manual. You are asked to check for undocumented features of the processor. Because of the number of possibilities, you cannot test every operation code with every combination of operands. Outline the strategy you would use to identify and characterize unpublicized operations.
15. Your boss hands you a computer program and its technical reference manual. You are asked to check for undocumented features of the program. How is this activity similar to the task of the previous exercises? How does it differ? Which is the most feasible? Why?
16. Could a computer program be used to automate testing for trapdoors? That is, could you design a computer program that, given the source or object version of another program and a suitable description, would reply Yes or No to show whether the program had any trapdoors? Explain your answer.
17. A program is written to compute the sum of the integers from 1 to 10. The programmer, well trained in reusability and maintainability, writes the program so that it computes the sum of the numbers from kto n. However, a team of security specialists scrutinizes the code. The team certifies that this program properly sets k to 1 and n to 10; therefore, the program is certified as being properly restricted in that it always operates on precisely the range 1 to 10. List different ways that this program can be sabotaged so that during execution it computes a different sum, such as 3 to 20.
18. One means of limiting the effect of an untrusted program is confinement: controlling what processes have access to the untrusted program and what access the program has to other processes and data. Explain how confinement would apply to the earlier example of the program that computes the sum of the integers 1 to 10.
19. List three controls that could be applied to detect or prevent salami attacks.
20. The distinction between a covert storage channel and a covert timing channel is not clear-cut. Every timing channel can be transformed into an equivalent storage channel. Explain how this transformation could be done.
21. List the limitations on the amount of information leaked per second through a covert channel in a multiaccess computing system.
22. An electronic mail system could be used to leak information. First, explain how the leakage could occur. Then, identify controls that could be applied to detect or prevent the leakage.
23. Modularity can have a negative as well as a positive effect. A program that is overmodularized performs its operations in very small modules, so a reader has trouble acquiring an overall perspective on what the system is trying to do. That is, although it may be easy to determine what individual modules do and what small groups of modules do, it is not easy to understand what they do in their entirety as a system. Suggest an approach that can be used during program development to provide this perspective.
24. You are given a program that purportedly manages a list of items through hash coding. The program is supposed to return the location of an item if the item is present or to return the location where the item should be inserted if the item is not in the list. Accompanying the program is a manual describing parameters such as the expected format of items in the table, the table size, and the specific calling sequence. You have only the object code of this program, not the source code. List the cases you would apply to test the correctness of the program's function.
25. You are writing a procedure to add a node to a doubly linked list. The system on which this procedure is to be run is subject to periodic hardware failures. The list your program is to maintain is of great importance. Your program must ensure the integrity of the list, even if the machine fails in the middle of executing your procedure. Supply the individual statements you would use in your procedure to update the list. (Your list should be fewer than a dozen statements long.) Explain the effect of a machine failure after each instruction. Describe how you would revise this procedure so that it would restore the integrity of the basic list after a machine failure.
26. Explain how information in an access log could be used to identify the true identity of an impostor who has acquired unauthorized access to a computing system. Describe several different pieces of information in the log that could be combined to identify the impostor.
27. Several proposals have been made for a processor that could decrypt encrypted data and machine instructions and then execute the instructions on the data. The processor would then encrypt the results. How would such a processor be useful? What are the design requirements for such a processor?
28. Unit 4: DATABASE Security (Text: Pfleeger)
29. Name the three dimensions view of database integrity and reliability
30. What is Two-Phase Update
31. What are monitors
32. Depict the relationship between security and precision using a diagram
33. What is Tracker attack give 2 examples
34. What are the factors that make data sensitive
35. Explain the requirements for database security each with an example.
36. Explain Two-Phase Update in detail with an example
37. Explain the problem ofconcurrent modification with example
38. How integrity issues are managed with respect to database security.
39. Explain inference to derive sensitive data from a database
40. Explain the problem of inference in detail
41. Explain the types of disclosures to sensitive data
42. In an environment in which several users are sharing access to a single database, how can indefinite postponement occur? Describe a scenario in which two users could cause the indefinite postponement of each other. Describe a scenario in which a single user could cause the indefinite postponement of all users.
43. Using the two-step commit presented in the beginning of this chapter, describe how to avoid assigning one seat to two people, as in the airline example. That is, list precisely which steps the database manager should follow in assigning passengers to seats.
44. UNDO is a recovery operation for databases. It is a command that obtains information from a transaction log and resets the elements of a database to their values before a particular transaction is performed. Describe a situation in which an UNDO command would be useful.
45. The UNDO operation described in the previous exercise must be repeatable. That is, if x is the original value of a database and x' is an incorrectly modified version, we want UNDO(x') = x, but also UNDO(x) = x and UNDO(UNDO(x')) = x a)Why must UNDO(x) = x? b) Why must UNDO(UNDO(x')) = x?
46. Suppose a database manager were to allow nesting of one transaction inside another. That is, after having updated part of one record, the DBMS would allow you to select another record, update it, and then perform further updates on the first record. What effect would nesting have on the integrity of a database? Suggest a mechanism by which nesting could be allowed.
47. Can a database contain two identical records without a negative effect on the integrity of the database? Why or why not?
48. Some operating systems perform buffered I/O. In this scheme, an output request is accepted from a user and the user is informed of the normal I/O completion. However, the actual physical write operation is performed later, at a time convenient to the operating system. Discuss the effect of buffered I/O on integrity in a DBMS.
49. A database transaction implements the command "set STATUS to 'CURRENT' in all records where BALANCE-OWED = 0."
a. Describe how that transaction would be performed with the two-step commit described in this chapter.
b. Suppose the relations from which that command was formed are (CUSTOMER-ID,STATUS) and (CUSTOMER-ID,BALANCE-OWED). How would the transaction be performed?
c. Suppose the relations from which that command was formed are (CUSTOMER-ID,STATUS), (CREDIT-ID,CUSTOMER-ID), (CREDIT-ID, BALANCE-OWED). How would the transaction be performed?
50. Show that if longitudinal parity is used as an error detection code, values in a database can still be modified without detection. (Longitudinal parity is computed for the nth bit of each byte; that is, one parity bit is computed and retained for all bits in the 0th position, another parity bit for all bits in the 1st position, etc.)
51. Suppose query Q1 obtains the median ml of a set S1 of values. Suppose query Q2 obtains the median m2 of a subset S2 of S1. If m1 < m2, what can be inferred about S1, S2, and the elements of S1 not in S2?
52. Disclosure of the sum of all financial aid for students in Smith dorm is not sensitive because no individual student is associated with an amount. Similarly, a list of names of students receiving financial aid is not sensitive because no amounts are specified. However, the combination of these two lists reveals the amount for an individual student if only one student in Smith dorm receives aid. What computation would a database management system have to perform to determine that the list of names might reveal sensitive data? What records would the database management system have to maintain on what different users know in order to determine that the list of names might reveal sensitive data?
53. One approach suggested to ensure privacy is the small result rejection, in which the system rejects (returns no result from) any query, the result of which is derived from a small number, for example, five, of records. Show how to obtain sensitive data by using only queries derived from six records.
54. The response "sensitive value; response suppressed" is itself a disclosure. Suggest a manner in which a database management system could suppress responses that reveal sensitive information without disclosing that the responses to certain queries are sensitive.
55. Cite a situation in which the sensitivity of an aggregate is greater than that of its constituent values. Cite a situation in which the sensitivity of an aggregate is less than that of its constituent values.