$1)$A certain system uses attestation before any binary is loaded in the system. This means that a program is only run when the program hash matches its stored measurement. If attestation is only done for programs that have been demonstrated to be vulnerability free, such an attestation based system will ensure that known vulnerable code is never executed in a system a$.$ True b$.$ False $2)$ Modern computer systems can run multiple processes at the same time by $6$sharing physical resources such as CPU and memory among processes. In such a system, not considering performance, user A can assume that the execution of his$/$her processes will not be affected by the execution of unrelated processes of user B because the operating system a$.$removes all data and code of one process from memory when another process runs. b$.$does not switch CPU from a process of user A to another user's process until A$\text{'}$s processes complete their execution. c$.$limits a process's access to memory that only stores its code and data. d$.$allows a process access to all memory that stores non$-$operating system code but only when the access is read $3.$The following is an example of an activity in a computer system that can be performed without making a system call. a$.$ access a protected resource b$.$make a function call c$.$perform an I$/$O operation that requires access to a device d$.$ access OS data that it could not access before making the system call $4.$An operating system has direct access to and control over all physical resources in a computer system. However, when user code is executed, most memory accesses $($LOAD and STORE requests$)$ are completed without operating system intervention. This can be done because of the following reason a$.$Main memory is not a protected resource b$.$Main memory is a reusable resource and does not need to be protected c$.$Shared data could reside in memory and hence all processes must have access to all main memory d$.$ The user code in a process can only access memory after it is allocated to the process by the operating system $5.$The boundary between untrusted user code and trusted system code is also called the security perimeter or protection boundary. Such a perimeter separates the following a$.$Interrupt handling and page fault handling code b$.$local and global variables used by user code c$.$User computations and code that implements system calls d$.$All of the above $6.$An attacker is able to exploit a buffer overflow vulnerability in the code of an operating system to turn off file access checks. As a result of this change in the TCB$,$ any user can access any file in the system.The reason for this uncontrolled access to files on this system is that, prior to the exploitation of the operating system or TCB$,$ it did not meet the following requirement a$.$Complete mediation b$.$Tamper$-$proof c$.$Correctness d$.$All of these $7.$Most widely used operating systems provide considerable support for auditing but do not implement mandatory access control.What is the highest TCSEC class in which this system can be placed? a$.$C$1$ b$.$ B$1$ c$.$D d$.$C$2$ Q$8$ SELinux is a security enhanced Linux system.It can be placed in the B$1$ TCSEC class because it enhances standard Unix with the following a$.$discretionary access control b$.$logging$/$auditing c$.$mandatory access control d$.$ formal correctness $9.$ seL$4$ claims to be the world's most high$-$assured operating system kernel $($OS kernelcan be viewed as the TCB$).$ This claim could be based on a$.$ better performance of seL$4$ b$.$ multi$-$factor user authentication in seL$4.$ C$.$ formal proof for the correctness of seL$4$ d$.$none of the above