sq1 - The user can create, remove and rename files in the...

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
IS2150/TEL2810 Introduction to Security, Quiz 1, September 13, 2011, (Total Points: 15) Name : 1. For each of the statements indicate whether it is True or False (Point: 5) [ T ] It is possible that an authorized person can compromise the Integrity of a system. [ F] Snooping attack results in integrity and confidentiality violation . [ F] Confidentiality only refers to the hiding of the existence of an entity or a piece of information. [ F] In Windows, if any single permission from a requested set of permissions is denied the requested set of permissions would be denied. 2. Elaborate (Point: 6) What does “ write ” permission on a Unix directory allow?
Background image of page 1
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: The user can create, remove and rename files in the directory. What is the setuid issue in Unix? Setuid is a flag that allows temporarily changing the UID of the user that is executing a file to the UID of the owner of the file. In other words, the EUID of the executer changes to the UID of the owner of the program file. This is useful to run programs with temporarily elevated privileges. Differentiate between the principles of Least Privilege and Separation of Privileges See slides 3. Show the three dimensions of the CIA based NSTISSC 4011 security model (Point: 4) – (draw on the back of this page). (See Slides)...
View Full Document

This note was uploaded on 02/07/2012 for the course SIS 2150 taught by Professor Joshi during the Fall '11 term at Pittsburgh.

Ask a homework question - tutors are online