22908 CSC 3080A - 0 - Operating Systems

Spring 2012
Herbert J. Bernstein ( )

Quiz 7


This web page is http://www.bernstein-plus-sons.com/.dowling/CSC3080S12/CSC3080_Quiz_7.html
Copyright © 2003, 2005, 2012 Herbert J. Bernstein and other parties. All rights reserved.

This is the seventh weekly quiz to be taken by Friday, 23 March 2012. It should take you between half an hour and 2 hours to answer the following questions. You should take this quiz after reading Chapters 1, 2, 3 and 4 in Anderson.

  <==== Do this AFTER you've answered all the questions

You probably DON'T want to do this ===>  

Please fill in the following information:



Skype ID:

  1. What is security engineering about?

  2. What four things must come together for good security engineering?

  3. Following Anderson, define secrecy, confidentiality and privacy.

  4. Explain pretexting and give an example.

  5. Give three broad categories into which human errors while operating equipment fall.

  6. Give three broad concerns in managing passwords.

  7. Summarize available phishing countermeasures.

  8. Explain the role of CAPTCHAs.

  9. Explain the MIG in the middle attack.

  10. Explain authentication in Kerberos.

  11. Explain four levels on which access control works.

  12. Explain why so many things go wrong in operating system security.

  13. Explain what Anderson means in saying Unix security became a classic 'success disaster'

  14. Give a status report on your project. If multiple people are involved, each person needs to report.

  <==== Do this AFTER you've answered all the questions

You probably DON'T want to do this ===>  

Revised 12 March 2012