Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Exam (elaborations)

MSIS 4123 Exam 2 (Questions & Answers) Rated 100% Correct!!

Rating
-
Sold
-
Pages
16
Grade
A+
Uploaded on
18-07-2024
Written in
2023/2024

"Secure", as in secure programs - No single definition; never 100% secure "The Cloud" - "Someone Else's Computer" "Upstream Early and Often" - Popular open source motto regarding code changes Access Control List - Each object has a list of right per object or user; inverse of a file directory Active fault detection - Prorgrams should watch for errors; redundant (duplicate) systems should take the place of failed systems if possible Apache License 2.0 - Can be applied to both copyrights and patents Appropriate Confidence Level in Trusted Software - Trust matches the sensitivity of the environment and the data ASCII - American Standard code for info interchange A standard for representing binary values as human-interpreted characters; a code sheet Assembly language - One step up from machine code; Uses words like "push" and "pop" and "add" Assurance (Trusted Systems) - Our belief that the O/S in implemented in a way that enforces the security policy Audit Logs - Track actions in computer; who did what, whenBase Register - Variable fence register that sets the lower bound (lower memory location) Bell-LaPadula Model - Simple Security Property (no read up) * - Property (no write down) All about confidentiality Biba Model - Simple Integrity Rule (no read down) Integrity *-Property (no write up) All about the integrity of the data Biometrics - Authentication that relies on physical characteristics of user BIOS - The first set of instructions ran by a computer; stored in ROM Black Box Testing - Trying to break a program without looking at the code Bounds Register - Variable fence register that sets the upper memory location Brain Virus - Early prototype virus; boot sector virus Brute Force Attack - Trying every possible password combination BSD License - Fewer restrictions than GPL; New BSD restricts use of contributor names for endorsement of a derived work Buffer Overflow - Commiting more data to memory than has been allotted; this pushes data into other memory regions, can allow improper access Change Control - Senior group that reviews and decides on major software changesChinese Wall Security Policy - Confidentiality; Working on X bars you from seeing Y; Law firm example Clark-Wilson Commercial Security Policy - Integrity and Confidentiality; well-formed transactions; separation of duty Clear Box Testing - Trying to break a program while having the advantage of also seeing the code. Code Red - Very bad virus; exploited IIS; used buffer overflow; different actions on different days Cohesion - We want high cohesion; all code in a module relates to that module Commerical Security Policies - No formal clearances; poor regulation of rules; internal data vs everything else Common Criteria - US/Canadian rewrite of the DoD Orange Book; 1992 Compiled code - All the code is turned into machine code at once; An .exe file is compiled code

Show more Read less
Institution
MSIS 4123
Course
MSIS 4123

Content preview

MSIS 4123 Exam 2 "Secure", as in secure programs - No single definition; never 100% secure "The Cloud" - "Someone Else's Computer" "Upstream Early and Often" - Popular open source motto regarding code changes Access Control List - Each object has a list of right per object or user; inverse of a file directory Active fault detection - Prorgrams should watch for errors; redundant (duplicate) systems should take the place of failed systems if possible Apache License 2.0 - Can be applied to both copyrights and patents Appropriate Confidence Level in Trusted Software - Trust matches the sensitivity of the environment and the data ASCII - American Standard code for info interchange A standard for representing binary values as human -interpreted characters; a code sheet Assembly language - One step up from machine code; Uses words like "push" and "pop" and "add" Assurance (Trusted Systems) - Our belief that the O/S in implemented in a way that enforces the security policy Audit Logs - Track actions in computer; who did what, when Base Register - Variable fence register that sets the lower bound (lower memory location) Bell-LaPadula Model - Simple Security Property (no read up) * - Property (no write down) All about confidentiality Biba Model - Simple Integrity Rule (no read down) Integrity * -Property (no write up) All about the integrity of the data Biometrics - Authentication that relies on physical characteristics of user BIOS - The first set of instructions ran by a computer; stored in ROM Black Box Testing - Trying to break a program without looking at the code Bounds Register - Variable fence register that sets the upper memory location Brain Virus - Early prototype virus; boot sector virus Brute Force Attack - Trying every possible password combination BSD License - Fewer restrictions than GPL; New BSD restricts use of contributor names for endorsement of a derived work Buffer Overflow - Commiting more data to memory than has been allotted; this pushes data into other memory regions, can allow improper access Change Control - Senior group that reviews and decides on major software changes Chinese Wall Security Policy - Confidentiality; Working on X bars you from seeing Y; Law firm example Clark -Wilson Commercial Security Policy - Integrity and Confidentiality; well -formed transactions; separation of duty Clear Box Testing - Trying to break a program while having the advantage of also seeing the code. Code Red - Very bad virus; exploited IIS; used buffer overflow; different actions on different days Cohesion - We want high cohesion; all code in a module relates to that module Commerical Security Policies - No formal clearances; poor regulation of rules; internal data vs everything else Common Criteria - US/Canadian rewrite of the DoD Orange Book; 1992 Compiled code - All the code is turned into machine code at once; An .exe file is compiled code Complete Mediation - Every access attempt is checked Concurrency Managment - Concurrency management is ensuring that many people can change data at the same time but in some sane order Contributor (Open Source Software) - Someone who has made new code or code changes that are accepted into the original source code Counting in binary - Number right to left starting with 1 and doubling to 256. Add all the numbers over a "1" in binary

Written for

Institution
MSIS 4123
Course
MSIS 4123

Document information

Uploaded on
July 18, 2024
Number of pages
16
Written in
2023/2024
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

$8.49
Get access to the full document:

Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF


Also available in package deal

Thumbnail
Package deal
MSIS Bundled with complete solutions;Updated 2024,2025
-
15 2024
$ 15.99 More info

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
ACADEMICMATERIALS City University New York
View profile
Follow You need to be logged in order to follow users or courses
Sold
621
Member since
3 year
Number of followers
185
Documents
10570
Last sold
2 hours ago

4.0

99 reviews

5
54
4
13
3
21
2
3
1
8

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Working on your references?

Frequently asked questions