sol-Exam2 - CIS 3360 Security in Computing Second...

Info iconThis preview shows pages 1–2. Sign up to view the full content.

View Full Document Right Arrow Icon
CIS – 3360 Security in Computing Second Examination November 13, 2006 Fall 2006 Name __________________________________________________ Question 1 (10 + 10 = 20 points) The security levels TOP SECRET, SECRET, CONFIDENTIAL, and UNCLASSIFIED (ordered from highest to lowest), and all possible categories formed by the subsets of {NU, EU, US} form a lattice under the operation (subset of). Bush is cleared into security level (SECRET, {NU, EU}). i. Document “Anna” is classified as (CONFIDENTIAL, {NU}). Does Bush dominate “Anna”? Justify. Bush dominates Document “Anna” as CONFIDENTIAL ≤ SECRET and {NU} {NU, EU}. ii. Document “Bella” is classified as (SECRET, {EU, US}). Does Bush dominate “Bella”? Justify. Bush ¬ dominate Document “Bella” as {EU, US} {NU, US}. Question 2 (10 + 10 = 20 points) The security requirements of a software have been evaluated as EAL5 (semi formally designed and tested). Some one found a mistake in the EAL2 (structural testing). What would be the trustworthiness of the software? Justify your answer. Since there is a mistake in EAL2, so the trustworthiness of the software will be
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
Image of page 2
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 07/04/2011 for the course CIS 3360 taught by Professor Guha during the Fall '06 term at University of Central Florida.

Page1 / 3

sol-Exam2 - CIS 3360 Security in Computing Second...

This preview shows document pages 1 - 2. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online