94%(34)32 out of 34 people found this document helpful
This preview shows page 1 - 2 out of 5 pages.
Computer Security: Principles and Practice, 3rdEditionChapter 12Chapter 12 – Operating System SecurityTRUE/FALSE QUESTIONS:TF1. Most large software systems do not have security weaknesses.TF2. Each layer of code needs appropriate hardening measures in place to provide appropriate security services.3. Lower layer security does not impact upper layers.4. It is possible for a system to be compromised during the installation process.5. A plan needs to identify appropriate personnel to install and manage the system, noting any training needed.TF6. The purpose of the system does not need to be taken into consideration during the system security planning process.7. The default configuration for many operating systems usually maximizes security.8. Ideally new systems should be constructed on an unprotected network in order to prevent installation restrictions.9. A malicious driver can potentially bypass many security controls to install malware.TF10. You should run automatic updates on change-controlled systems.11. Passwords installed by default are secure and do not need to be changed.12. A very common configuration fault seen with Web and file transfer servers is for all the files supplied by the service to be owned by the same “user” account that the server executes as.