Security Engineering

Question 1

Middleware Platform

Answer 1

connecting software that allows multiple processes running on one or more machines to interact. Helps smooth out connectivity issues

Question 2

Embedded Systems Platform

Answer 2

Self Contained - mobile computing

Question 3

Pervasive Computing Platform

Answer 3

Mobile Computing Devices

Question 4

Web-Based Platform

Answer 4

XML Services - Security Assertion Markup Language (SAML): XML based standard for exchanging authentication and authorization data between security domains.

Question 5

Common Web-Based Platform Vulnerabilities

Answer 5

Broken access control
Broken Account Control
Broken Account Management and Session Management
Cross-site scripting (XSS) flaws
Buffer Overflows
Command injection flaws
Error Handling problems
insecure crypto
remote admin flaws
web and app server misconfig

Question 6

Main Tasks of a CPU

Answer 6

Fetching, Decoding, Executing, Storing
Should be able to Multitask on a CPU.
Threads are a series of instructions to the CPU “for a limited time”

Question 7

Whats a Covert Channel

Answer 7

when attacker can determine when a process is running

Question 8

Time of check/time of use (TOC TOU), vulnerability

Answer 8

Example would be when a user opens web application and edits document, however right after opening the document the admin locks the page and prevents editing from occurring, since the file was already open, the user could still edit even though the file now is locked down

Question 9

Parallel Systems

Answer 9

Multiple processors performing tasks on single data set Example Cloud Computing

Question 10

Distributed System

Answer 10

Multiple processors performing tasks on shared data set. Example Peer to Peer Network