SE 571 Principles of Information Security and Privacy Midterm Exam


1. (TCO A) What are the three goals of security in computing? For each goal, list two controls that can be implemented to help achieve that goal.

2. (TCO A) List and define five desirable qualities in a process designed to evaluate the trustworthiness of an operating system.

3. (TCO B) Suppose you have a high-capacity network connection coming into your home, and you also have a wireless network access point. Also suppose you do not use the full capacity of your network connection. List three reasons you might still want to prevent an outsider from obtaining free network access by intruding into your wireless network.

4. (TCO C) Explain how a hashing algorithm works and how it can be used to provide authentication and data integrity.

5. (TCO B) Which of the following is a correct statement?

6. (TCO A) What are the three types of user authentication? Name three examples of each type of authentication.

7. (TCO C) Respond to each part of this question:

a) Describe how a long number (encryption key) can be shared between sender and receiver without using any source that is obvious to outsiders and without directly sending the number from sender to receiver.

b) Describe how a long number (encryption key) can be shared between sender and receiver over an unsecured network without loss of confidentiality.

8. (TCO A) May a database contain two identical records without a negative effect on the integrity of the database? Why or why not?

9. (TCO B) It’s been said that firewalls are dead. Some think that, because of the prevalence of application-layer attacks, packet filtering firewalls are of no real use in protecting networks. Name three advantages of using packet filtering firewalls in modern networks.