A local paper reports on a clerk stealing from an organization by issuing fake checks. Is this vulnerability,
an exploit, or a security incident?
Briefly describe how asset-based layering of controls might be less effective that using defense strategies
Chapter 6 review questions
1. Briefly explain one reason each for why clarity and unambiguity are important in formal
Clarity and unambiguity are important in formal models because they are often
expressed mathematically, it provides a means of ex
Chapter 5 exercises
1. Lets say that some hacktivist group that shall remain anonymous has decided to target
your organizations public web server with a DoS attack. The strategy used is an old one
a TCP SYN flood. Hosts from the Internet are making legiti
Chapter 5 review questions
1. What is the general goal of a frustration strategy?
To frustrate attack by asserting control of the target of the attack, the defenders
have configured the asset to be unreachable or unassailable to attack.
2. Provide a one s
Chapter 6 exercise
1. How might use of an access control matrix aid in restricting indirect release of
information on a computer system?
Access Control Matrix is a single digital file or written record having subjects
and objects and identifies what actio