TRUE/FALSE QUESTIONS:

1. Programmers use trapdoors legitimately to debug and test programs.

2. If the compromised machine uses encrypted communication channels, then just sniffing the network packets on the victims computer is useless because the appropriate key to decrypt the packets is missing.

3. There is a problem anticipating and testing for all potential types of non-standard inputs that might be exploited by an attacker to subvert a program.

4. Without suitable synchronization of accesses it is possible that values may be corrupted, or changes lost, due to over-lapping access, use, and replacement of shared values.

5. The biggest change of the nature in Windows XP SP2 was to change all anonymous remote procedure call (RPC) access to require authentication.