Problem
I. Explain how to delegate using capabilities.
II. Zane digitally signs and temporarily delegates his capabilities (C-list) to Karen. Explain the advantages and disadvantages of this approach.
III. Explain the "need to know principle". How can compartments support this principle?
IV. Is BLP consistent with a high or low water mark principle?
V. Is Biba's Model consistent with a high or low water mark principle?
VI. Describe an example of a real-world visual CAPTCHA not discussed in the textbook. Explain how the CAPTCHA works.
VII. Regarding the solving of CAPTCHAs, why is the segmentation problem difficult for computers to solve?
VIII. For the three firewall types: packet filter, stateful packet filter, and application proxy, list the layer of the Internet protocol stack where each operates.
IX. Differentiate between signature-based and anomaly-based detection.
X. Why is effective anomaly-based IDS inherently more challenging than signature-based detection?
XI. The anomaly-based intrusion detection example is based upon file-use statistics. Many other statistics could be used in the IDS such as network usage. List five other statistics that could be used in an anomaly-based IDS.
XII. Regarding anomaly-based intrusion detection, what are the advantages and disadvantages of adding more statistics?
XIII. Regarding anomaly-based intrusion detection, why is it necessary to update the expected file use percentage?
XIV. A company maintains many honeypots distributed across the Internet. To a potential attacker, these honeypots look like vulnerable systems. The honeypots attract many attacks. Whenever an attack is detected, the company immediately develops a signature and distributes it to all systems using its products. The actual derivation of the signature is general a manual process. What are the advantages, if any, of this approach over the standard-based and anomaly-based systems?