Operating systems (OSs) are usually viewed from one of two perspectives. The classical theory of operating systems views them as means for efficiently allocating resources, while a more modern viewpoint sees OSs as a means of abstracting the hardware operation of a machine from the normal user.
1 - Describe each attack and a method for protecting against it:
a) Guessing passwords b) A virus attack c) A denial of service attack d) A time bomb e) A 'terminal gone awry' attack f) Electronic mail giving phony operator orders
2 - Describe each defensive theory or technique:
a) The subject/object model b) Access lists c) Collusion analysis d) The security and integrity models e) The lattice and POset models
3 - Explain the difference between:
a) Policies and models b) Trusted and untrusted computing bases c) Viruses and Trojan horses d) Identification, authentication, and authorization
4 - Describe strengths and weaknesses of:
a) Defense in depth b) The TSEC c) Auditing for detecting attacks d) Proof of OS correctness e) Testing for OS assurance
5 - Describe the virtues and drawbacks of:
a) Least privilege b) Economy of mechanism c) Complete mediation d) Open design
6 - Describe how and why these are used to assist in OS protection:
a) Multiple states (kernel and user) b) Virtual memory c) Privileged instructions d) Interrupts
7 - Describe:
a) Similarities and differences between database and OS protection b) The use of privacy locks and keys c) What a statistical database is and how it differs from other databases d) Two ways bases can be illicitly released e) Two defenses against attacks from (d)