1 IS-2150/TEL-2810 Introduction to Computer Security Midterm, Thursday, Oct 12, 2006 Name: Email: Total Time : 2:30 Hours Total Score : 100 There are total of 10 questions. Note that scores for each question is 10, although the time required for each may vary – so spend time accordingly on each question . Be precise and clear in your answers Score Q1 Q2 Q3 Q4 Q5 Q6 Q7 Q8 Q9 Q10 Good Luck !
2 1. Write T for true and F for false for the following statements: [Score 10] [ y ] In DG/UX, the virus protection region can be considered as at a higher integrity level than the integrity level of the user region. . [ ] The umask value prevents any user from making illegal permission assignments using chmod command. [ ] Confidentiality policies address the issue of how to control information flow. [ ] Biba’s low water mark integrity model is exact dual of the Bell-Lapdula model [ ] One way to prove that a given problem is undecidable is to reduce Turing machine’s halting problem to it. [ ] The command chmod 5754 hello.txt is the same as chmod u+srwx g+rx o+r hello.txt". [ ] In BellLapadula model, the read right includes the execute right. [ ] One advantage of role based access control model is that it can be used to enforce diverse set of policies including Biba and Bell-Lapadula models. [ ] The Clark-Wilson’s model shows that commercial firms do not classify data/information using multilevel scheme. [ ] To enforce Chinese-Wall policy, a system must be capable of maintaining access histories of each user. . 2.
