CPSC 420/620 FALL 2008 QUIZ #2
28 Oct 2008

NAME: _______________________________________________

There are 8 questions on this quiz for a total of 150 points. Each question is individually weighted. If you do not understand the question, please ask for clarification.

I. (19 Points) Create an access control list for the following situation:

a. (13 Points) Alice can read and execute the file x. She can read the file y and can write the file z. Bob can read the file z. He can read and execute y and is denied access to file x. Be careful to clearly identify which ACL is associated with which file.

b. (6 Points) Identify an advantage of an ACL over an ACM.
Identify a disadvantage of an ACL over an ACM.

II. (16 Points) Use the concepts below to best match with the following statements.

A Covert Channel
B Confinement Problem
C Rule of Transitive Confinement
D Virtual Machine
E Covert Storage Channel
F Covert Timing Channel
G Sandbox
H Noiseless Covert Channel
I Properties of Covert Channels
J Covert Flow Tree
K Noisy Covert Channel
L Covert Channel Mitigation

______ deals with preventing a process from taking disallowed actions
______ uses an attribute of the shared resource
______ requires existence and bandwidth
______ an environment in which the actions of a process are restricted to a security policy
______ obscures the amount of resources that a process uses
______ preventing a server from leaking information that the user of the service considers confidential
______ a path of communication that was not designed to be used for communication
______ uses a temporal or ordering relationship among accesses to a shared resource

III. (16 Points) Use the concepts below to best match with the following statements.

A Trustworthy
B Security Assurance
C Policy Assurance
D Trust
E Information Assurance
F Design Assurance
G Trusted System
H Security Kernel
I Implementation Assurance
J Levels of Trust
K Reference Monitor
L Operational Assurance
M Requirement
N Trusted Computing Base
O Reference Validation Mechanism

______ confidence that an entity meets its security requirements based on specific evidence provided by the application of assurance techniques
______ the evidence establishing that the system sustains the security policy requirements during installation, configuration, and day-to-day operations
______ a system that has been shown to meet well-defined requirements under an evaluation by a credible body of experts who are certified to assign trust ratings to evaluated products and systems
______ the evidence establishing that the set of security requirements in the policy is complete, consistent, and technically sound
______ a combination of hardware and software that implements a reference monitor
______ refers to the ability to access information and preserve the quality and security of that information
______ a belief or desire that a computer entity will do what it should to protect resources and be safe from attack
______ consists of all protection mechanisms within a computer system that are responsible for enforcing a security policy

IV. (18 Points) Use the concepts below to best match with the following statements.

A Trusted System
B Process Performance
C Formal Evaluation Methodology
D Process Maturity
E Process Capability
F C1, C2, B1, B2, B3, A1
G Trusted Path
H Audit Requirement
I Classes, Families, etc.
J Protection Profile
K Orange Book
L Trusted Computing Base
M Security Target
N TOE Security Policy
O TOE Security Functions
P MAC
Q Label Requirement
R DAC

______ identifies an access control mechanism that allows for controlled sharing of names, objects by name, individuals, and/or groups
______ provides a communication path that is guaranteed to be between the user and the trusted computing base
______ part of a series of books developed by the Department of Defense
______ consists of all protected mechanisms within a computer system including hardware, software, and firmware that are responsible for enforcing a security policy
______ the extent to which a process is explicitly defined, managed, measured, controlled, and effective
______ a technique used to provide measurements of trust based on specific security requirements and evidence of assurance
______ part of a series of books developed by the Department of Defense
______ a set of rules that regulate how assets are managed, protected, and distributed with a product or system
______ a set of security requirements and specifications to be used as the basis for evaluation of an identified product or system

V. (22 Points) Match the phrase below with one of the formal security evaluation models given below.

A. Trusted Computer System Evaluation Criteria (TCSEC)
B. FIPS 140-1 and FIPS 140-2
C. Common Criteria (CC)
D. System Security Engineering Capability Maturity Model (SSE-CMM)

______ Consisted of C1, C2, B1, B2, B3, and A1 levels of assurance
______ Consisted of performed informally, planned and tracked, well-defined, quantitatively controlled, continuously improving levels of assurance
______ Consisted of EAL1, EAL2, EAL3, EAL4, EAL5, EAL6, and EAL7 levels of assurance
______ Consisted of Level 1, Level 2, Level 3, and Level 4 levels of assurance
______ Orange Book presented criteria for evaluating the security of commercial computer products
______ Evaluated cryptographic modules
______ Organized into processes and maturity levels
______ Currently used evaluation criteria
______ Evaluated by NIST-accredited commercial laboratories that do evaluations for a fee
______ Process-oriented evaluation
______ Organized into Classes and Families

VI. (18 Points) Use the concepts below to best match with the following statements.

A Malicious Logic
B Trojan Horse
C Propagating Trojan Horse
D Computer Virus
E Execution Phase
F Boot Sector Infector
G TSR Virus
H Stealth Virus
I Executable Infector
J Computer Worm
K Macro Virus
L Multipartite Virus
M Bacterium
N Encrypted Virus
O Polymorphic Virus
P Logic Bomb
Q Insertion Phase

______ performs an action that violates the security policy when some external event occurs
______ composed of a sequence of instructions that is interpreted, rather than executed directly
______ set of instructions that cause a site’s security policy to be violated
______ conceals the infection of files
______ absorbs all of some class of resources
______ changes its form each time it inserts itself into another program
______ copies itself from one computer to another computer
______ an overt, known, effect and a covert, unexpected, effect
______ inserts itself into the boot sector of a disk

VII. (16 Points) Use the concepts below to best match with the following statements.

A Formal Verification
B Penetration Testing
C Flaw Hypothesis Methodology
D Tiger Team
E Layers of Testing
F Flaw Classes
G Security Flaw
H Exploiting the Vulnerability
I Protection Analysis Model
J Aslam Model
K NRL Taxonomy
L RISOS Study

______ performs penetration testing
______ authorized attempt to violate specific constraints stated in the form of a security or integrity policy
______ attempted to break the operating system protection problem into smaller, more manageable pieces
______ provides a framework for penetration studies
______ composed of three classes of flaws: genesis, time of introduction and location
______ consists of 5 steps: information gathering, flaw hypothesis, flaw testing, flaw generalization, flaw elimination
______ can potentially prove the absence of security vulnerabilities
______ the specific failure of the controls of a system

VIII. (25 Points) Below are some statements. Identify the statement as either true or false and then in 15 words or less give an example defending your conclusion.

a. Viruses can infect Microsoft Word 2007 documents
b. I can always detect a Trojan horse by looking at the source code for the program
c. Never opening attachments in my e-mail client will always keep viruses off my computer
d. A virus can never infect a Mac system
e. The only defense against a virus is to disconnect your computer from the network