Systems Security Chapter 2: Security Requirements Quiz

Questions and Answers

What is a common human vulnerability mentioned in the text?

• Advanced knowledge of users
• Limited horizon (correct)
• Unlimited skills
• Extensive problem awareness

Why do discretionary access control systems face challenges according to the text?

• Abundance of user options
• Archaic and inapt security mechanisms (correct)
• Isolation of trusted software
• Modern security mechanisms

What contributes to the ineffectiveness of discretionary access control systems?

• Abundance of security policies
• Individual discretionary access control (correct)
• Isolated non-trusted software
• Global security enforcement

What is a technical vulnerability highlighted in the text?

Conceptual weaknesses in old systems (B)

Which principle involves allowing access only to those who need it for their job?

Need-to-know principle (A)

What is the goal of vulnerability analysis in IT systems?

To identify technical, organizational, and human vulnerabilities (A)

Which of the following is an example of a human vulnerability mentioned in the text?

Importing malware due to lack of knowledge (C)

In the context of the Linux access control system described, what was the severe vulnerability that the 3 users created?

Incorrectly setting file permissions from their point of view (D)

What issue arises when passwords are written on Post-It notes, as mentioned in the text?

Reduced security due to potential exposure (D)

What can be inferred from the scenario involving Ann, Bob, and Chris regarding their files' permissions?

Proper file permissions were set by all users, ensuring system security (C)