Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

INF Exam Questions and Answers

Rating
-
Sold
-
Pages
84
Grade
A+
Uploaded on
30-01-2026
Written in
2025/2026

This document contains questions that were asked on 2026 Exam Jan/Feb. Both questions and answers were randomised so it is important to study all of the questions in this document as you do not know which questions you will be asked.

Show more Read less
Institution
Course

Content preview

This document serves as a guide to your Exams

All questions for INF4831 EXAM 2026 were extracted randomly from this document.


Students , Study all questions in this document as the exam questions are randomly for
each student.

We wish you all the best with your exams

,1. A/an ... token can have some variability or interaction with its surroundings, e.g. public
transportation systems uses cards with magnetic strips.
a. active
b. dynamic
c. single sign-on
d. passive


2. ... tokens do not change for example a photo or key.
a. Passive
b. Dynamic
c. Active
d. Static


3 . A/an .......... token has a fixed value, such as identity cards, passports, credit cards, and other
magnetic-stripe cards. It is most useful for onsite authentication.
a. active
b. static
c. dynamic
d. passive

4. Combining authentication information is called ... . Two forms of authentication are
presumed to be better than one.
a. double authentication
b. changing authentication
c. dynamic authentication
d. multifactor authentication

5. ... is the situation in which a behavior of the program depends on the order in which two
procedures execute. Also called serialization flaw – two processes execute concurrently and the
outcome of the computation depends on the order in which instructions of the processes
execute.
a. Stack
b. Incomplete mediation
c. Download substitution
d. Race condition

6. A programmer creates an undocumented entry point or execution mode while developing a
program, but forgets to remove it when programs goes into development. This is called ...
a. singed code
b. website defacement
c. a backdoor
d. static code

7. The ... is a key data structure necessary for interchange of data between procedures.
a. hypervisor
b. stack
c. backdoor

,d. race condition

8. There must be an effective policy for access control and three goals must be achieved
namely:
a. check every access, enforce least privilege and verify logs
b. check every access, enforce least privilege and verify acceptable usage
c. check acceptable usage, enforce least privilege and verify logs
d. check every access, enforce least privilege and ensure revocation

9. When people select passwords, they will probably not choose a word that’s random. People
usually choose passwords that are meaningful to them whether it is names of a family member,
spouse, child, or pet. Such possibilities are only a dozen or two. It could take a computer a
minute or two identify the password and even a person can guess it manually. This is called ...
a. exhaustive attack
b. inferring a password
c. dictionary attack
d. defeating concealment

10. Encryption and decryption rules are called algorithms and often uses a key. If the encryption
and decryption keys work in pairs (one key encrypts and another decrypts) it is called ...
encryption.
a. asymmetric
b. strong
c. symmetric
d. double key

Answers
1 . a. active
2 . a. Passive
3 . b. static
4 . d. multifactor authentication
5 . d. Race condition
6 . c. a backdoor
7 . b. stack
8 . b. check every access, enforce least privilege and verify acceptable usage
9 . b. inferring a password
10. a. asymmetric

Chapter 3

1. law concerns mediation that is performed with a "bait and switch" in the middle. A condition
changed between the time the security was checked and the access occurred . This leads to a
confidentiality and/or integrity failure.

[TOCTTOU] flaw concerns mediation that is performed with a "bait and switch" in the middle. A
condition changed between the time the security was checked and the access occurred . This
leads to a confidentiality and/or integrity failure.

, 2. is a security problem e.g. data is validated and incorrect input is captured by users resulting
in errors.

[Incomplete mediation] is a security problem e.g. data is validated and incorrect input is
captured by users resulting in errors.

3. is a malicious code that, in addition to its primary effect, has a second, non-obvious,
malicious effect. Code that contains unexpected, undocumented, additional functionality.

[Trojan horse] is a malicious code that, in addition to its primary effect, has a second, non-
obvious, malicious effect. Code that contains unexpected, undocumented, additional
functionality.

4. Code that replicates itself without limit to exhaust resources is called

Code that replicates itself without limit to exhaust resources is called [rabbit].

5. Code that changes browser settings, disallows access to certain sites, or redirects browsers
to others is called

Code that changes browser settings, disallows access to certain sites, or redirects browsers to
others is called [browser hijacker].

6. Code that triggers action when a predetermined conditions occurs is called

Code that triggers action when a predetermined conditions occurs is called [time bomb].

7. is code installed in "root" or most privileged section of a operating system: hard to detect.

[Rootkit] is code installed in "root" or most privileged section of a operating system: hard to
detect.

8. I s the process of verifying that all the system components work together as a whole as
required in the system as well as the program design specification.

[Integration testing] is the process of verifying that all the system components work together as
a whole as required in the system as well as the program design specification.

9. compares the system with the remainder of the software and hardware requirements.

[Performance testing] compares the system with the remainder of the software and hardware
requirements.

10 . Testers can examine the design and code directly, generating test cases based on the
code’s actual construction - this is called

Testers can examine the design and code directly, generating test cases based on the code’s
actual construction - this is called [clear-box testing].

Written for

Institution
Course

Document information

Uploaded on
January 30, 2026
Number of pages
84
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$5.32
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
elenaprowriter University of South Africa (Unisa)
Follow You need to be logged in order to follow users or courses
Sold
105
Member since
5 year
Number of followers
71
Documents
22
Last sold
1 month ago

3.5

13 reviews

5
3
4
4
3
4
2
1
1
1

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions