Answered step by step
Verified Expert Solution
Question
1 Approved Answer
1 ) A certain system uses attestation before any binary is loaded in the system. This means that a program is only run when the
A certain system uses attestation before any binary is loaded in the system. This means that a program is only run when the program hash matches its stored measurement. If attestation is only done for programs that have been demonstrated to be vulnerability free, such an attestation based system will ensure that known vulnerable code is never executed in a system a True b False Modern computer systems can run multiple processes at the same time by sharing physical resources such as CPU and memory among processes. In such a system, not considering performance, user A can assume that the execution of hisher processes will not be affected by the execution of unrelated processes of user B because the operating system aremoves all data and code of one process from memory when another process runs. bdoes not switch CPU from a process of user A to another user's process until As processes complete their execution. climits a process's access to memory that only stores its code and data. dallows a process access to all memory that stores nonoperating system code but only when the access is read The following is an example of an activity in a computer system that can be performed without making a system call. a access a protected resource bmake a function call cperform an IO operation that requires access to a device d access OS data that it could not access before making the system call An operating system has direct access to and control over all physical resources in a computer system. However, when user code is executed, most memory accesses LOAD and STORE requests are completed without operating system intervention. This can be done because of the following reason aMain memory is not a protected resource bMain memory is a reusable resource and does not need to be protected cShared data could reside in memory and hence all processes must have access to all main memory d The user code in a process can only access memory after it is allocated to the process by the operating system The boundary between untrusted user code and trusted system code is also called the security perimeter or protection boundary. Such a perimeter separates the following aInterrupt handling and page fault handling code blocal and global variables used by user code cUser computations and code that implements system calls dAll of the above An attacker is able to exploit a buffer overflow vulnerability in the code of an operating system to turn off file access checks. As a result of this change in the TCB any user can access any file in the system.The reason for this uncontrolled access to files on this system is that, prior to the exploitation of the operating system or TCB it did not meet the following requirement aComplete mediation bTamperproof cCorrectness dAll of these Most widely used operating systems provide considerable support for auditing but do not implement mandatory access control.What is the highest TCSEC class in which this system can be placed? aC b B cD dC Q SELinux is a security enhanced Linux system.It can be placed in the B TCSEC class because it enhances standard Unix with the following adiscretionary access control bloggingauditing cmandatory access control d formal correctness seL claims to be the world's most highassured operating system kernel OS kernelcan be viewed as the TCB This claim could be based on a better performance of seL b multifactor user authentication in seL C formal proof for the correctness of seL dnone of the above
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started