QUESTION

Respond to the following and provide a sentence explaining each answer. Where more than one answer applies, provide a sentence for each.

1. What are the advantages of performing encryption at the disk-block level, below the file system? (Mark all that apply.)

a.      Avoiding file system overheads allows for higher performance

b.      Since the encryption system has to deal with a simpler interface, the design is simpler

c.      The same encryption system will work with different file systems

d.      Encrypting at the disk-block level ensures integrity, which cannot be achieved in the file system itself

2. Why doesn't BitLocker encrypt the BitLocker boot partition (as opposed to the OS data partition)? (Mark all that apply.)

a.      Encryption would be too expensive this early in the boot process

b.      The TPM measures the contents of the BitLocker partition, so adversaries would not be able to tamper with its contents

c.      The BitLocker boot partition is not encrypted, but the keys stored on that partition are encrypted

d.      The boot partition contains no secret information that needs to be protected from disclosure

3. What are the issues in using AES-CBC for disk encryption? (Mark all that apply.)

a.      If the adversary guesses the plaintext (decrypted) value of the first 128-bit block, the adversary can unroll the rest of the chain and decrypt the rest of the 4-KByte disk block

b.      If the adversary flips a single bit in the encrypted block, the decrypted value will also change by exactly a single bit

c.      An adversary can manipulate the ciphertext of a block to flip a specific bit in the decrypted plaintext block, with minimal changes to the rest of the plaintext block

d.      When using the same key and IV, encrypting the same plaintext data produces the same ciphertext

4.  True or False: Only illegal input files can cause an integer overflow error.

               True

               False

5.  True or False: CodePhage only uses one input to find the correct check in the donor that eliminates the error.

               True

               False

6.  Code injection is a form of attack in which a malicious user:

a.      Gains access to the codebase on the server and inserts new code

b.      Inserts text into a data field that gets interpreted as code

c.      Inserts additional code into the JavaScript running in the browser

d.      Gets the server to execute arbitrary code using a buffer overflow

7. Cross-site request forgery involves:

a.      A browser making a request to a server without the user's knowledge

b.      A server making a request to another server without the user's knowledge

c.      A request sent by a malicious user from a browser to a server

d.      Modification of a request by a proxy between client and server

8.  To keep track of a user, a server may include a user's identifier as a hidden and encrypted form field, so that it comes back with every form submission. What risk does this entail?

a.      A malicious user modifies the hidden field and submits a request for another user

b.      The user identifier is leaked and can be sniffed

c.      A cross-site request forgery can get hold of the identifier

d.      The identifier can be used in a code injection attack

9.  Why did the Android developers decide against using the existing desktop and web application models? (Mark all that apply.)

a.      The desktop model did not offer sufficiently flexible data sharing between applications

b.      The desktop model did not offer sufficient isolation between applications

c.      The web application model made installing an application too difficult

d.      The web application model did not offer sufficient functionality, at the time Android was being developed

10.   What is the point of having "normal" permissions that are given to any application without asking the user? (Mark all that apply.)

a.      The device owner (user) can revoke a normal permission from an existing application, but still keep the application working

b.      The device owner (user) can audit what applications have requested access to a particular normal permission

c.      An application cannot inadvertently misuse normal permissions that it has not requested
