Name: ____________________________________________________ Alpha: _____________________

1. [10pts] For each of the scenarios below, choose from the box the violated Cyber pillar.

   Confidentiality   Integrity    Availability   Authentication   Non-repdudiateion
   

   1. : Alice attempts to speak with Bob, but Eve yells over the top preventing both from hearing each other.
   2. : Eve sends an e-mail to Bob pretending to be Alice.
   3. : Eve later denies the fact that she contractually promised to replay Bob $500 before the first of the year.
   4. : Alice and Bob write software for a satellite system; neither implemented proper algorithms to convert from English to metric measurements; the $125M satellite was lost entering Mars orbit.
   5. : Eve listens in on Alice and Bob’s phone conversation without their permission.
   
   
   
2. [10pts] Fill the terms used for computer security model in the blank to match the descriptions:
   • : a weakness of a computer system that can be exploited.
   • : an expectation of loss associated with an event of security breach.
   • : system resource that users and owners wish to protect.
   • : a potential security harm to an asset.
   • : an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
   
   
   
3. [10pts] Choose the correct term from the box for each of the blank.

   Scanning      Sniffing    Social-engineering  Denial-of-service  Masquerading 
   Randsomeware  Trojan      Rootkit             Spyware            APT
   

   • : An attack that uses a fake identity, such as a network identity, to gain unauthorized access to personal computer information through legitimate access identification.
   • : Malware installed on a computer system without permission and/or knowledge by the operator, for the purposes of espionage and information collection. Keyloggers fall into this category.
   • : An attack meant to shut down a machine or network.
   • : Attacks that send requests to a system to discover weak points.
   • : Highly targeted networks or host attack in which a stealthy intruder remains intentionally undetected for long periods of time in order to steal and exfiltrate data.
4. [16pts] Fill one of security principles (given by Saltzer and Schroeder) in the blank to match the descriptions:
   • : Unless an entity is given explicit access to an object, it should be denied access to that object.
   • : The security of a system should not depend on the obscurity of its protection mechanism.
   • : A system should not grant permission based on a single condition.
   • : Minimize the functions common to more than one user and depended on by all users.
   • : Keep it simple.
   • : Every access must be monitored and controlled.
   • : Every process or user of the system should operate using the least set of privileges necessary to perform the task.
   • : Security mechanism should be easy to use.
5. [4pts] Which security design principle is the following text referring to? Choose a principle that best fits the scenario.
   One should be wary of performance improvement techniques that save the results of previous authorization checks, since permission can change over time. It is safe to perform authorization checks everytime.

   For example, file systems vary in the way access checks are performed by application. It can be risky if permission are checked the first time a program requests access to a file, but subsequence accesses (potentially unauthorized) to the same file are not checked again while the application is still running.

   Answer:
6. [4pts] Which security design principle is the following text referring to? Choose a principle that best fits the scenario.
   The military concept of need-to-know information is an example of this principle. When this principle is ignored, then extra damage is possible from security breaches.

   For example, if a web server runs with the root access, malicious code injected by the attacker into the web server can do substantial damage to the system.

   Answer:
7. [4pts] Which security design principle is the following text referring to? Choose a principle that best fits the scenario.
   It is always better to minimize the shared use of a mechanism. This is because shared mechanisms may include cross-talk paths -- an attacker in one system may be able to navigate to another system by taking advantage of vulnerabilities in this shared mechanism. Remember that it is really difficult to make a single mechanism operate in a correct and trusted manner to the satisfaction of a wide range of users.
   Answer:
8. [4pts] Which security design principle is the following text referring to? Choose a principle that best fits the scenario.
   As computer systems get more complex over time, they accumulate complicated and bizarre code that makes them more fragile and harder to maintain. Software engineers refer to this as technical debt: it means that changes become slower and more expensive, and recovery from failures can be complex.

   Bookkeeping systems are no exception. For example, in June 2012, 6.5 million customers of the Natwest Bank had service disrupted for several weeks following a software upgrade that went wrong and had to be reversed. People were stranded overseas with no money and some companies couldn't make payroll. The bank was fined 42 million pounds.

   Answer:
9. [4pts] Which security design principle is the following text referring to? Choose a principle that best fits the scenario.
   Hiding design and algorithms doesn't really make the system more secure. For example, in the last big pay-TV piracy case in the 20th century, British pirate Chris Cary was able to forge Sky-TV smartcards. He obtained the design by having a company in Canada reverse engineer the smartcards. This cost Sky-TV 30 million pounds.
   Answer: