SHORT ANSWER QUESTIONS
Question1) Assume the author of the online banking software system has programmed in a secret feature so that program emails him account information for any account whose balance has just gone over $10,000. What kind of attack is this and what are some of its risks?
Question2) What limitations are often found in shell code, and how could they be voided.
Question3) Bobby says that the computer virus ate his homework, which was saved as a Word document. What kind of virus is the most likely culprit?
Question4) State some threats which result from the process running with administrative or root privileges on a system.
Question5) __________ applications is a control which limits the programs that could execute on system to just those in an explicit list.
A) Virtualizing
B) White listing
C) Logging
D) Patching
Question6) The range of logging data acquired must be determined _______.
A) during security testing
B) as a final step
C) after monitoring average data flow volume
D) during the system planning stage
FILL-IN THE BLANK QUESTIONS
Question7) The main advantage of ________ is its simplicity and its freedom from assumptions about expected input to any program, service, or function.
Question8) ______ is a reactive control which could only inform you about bad things that have already happened.
Question9) _________ are the collection of string values inherited by each process from its parent which could affect the way a running process behaves.
A) Deadlock
B) Privileges
C) Environment variables
D) Race condition