CIS3360: Security In Computing 3
Page 1
CIS3360: Security in Computing Homework 1 1. (55 points) Knowledge - based Question: a. What are the four criteria to judge whether or not biometrics are suitable for identification? What criteria does the biometric ‘weight’ violate (which makes it unsuitable for identification)? The four criteria to judge whether or not biometrics are suitable for identification are: 1. Comfort 2. Accuracy 3. Availability 4. costs Costs is the criteria which is unsuitable using biometric because there are other identifications processes which are cheap but biometric is expensive and it needs expensive devices to evaluate identification. b. In computer’s memory, when stack grows, does the address of the top of stack increase or decrease? In computer’s memory, when stack grows, the address of the top of stack decreases. c. What is a ‘page fault’? Why could page fault greatly reduce computing performance? When the page requested by a program is not available in the memory, it is called as a page fault. Since it does nothing else and keeps finding the page the speed of computer slows down. d. What are the two types of virtual machines? What type of VM does Java VM belongs to? What type of VM does VMware belongs to? The two types of VM are: System virtual Machines and process virtual machines. System VM belongs to VMware whereas Process VM belongs to JavaVM e. What are mail ‘open relay’? Why can it be used by spammer to send out spam email? Mail open relay are the mail servers that allow anyone to send emails through them to any destination. It can be used by spammers to send out spam emails because thousand even millions emails can be sent though them in short time. f. What does ‘Non - executable stack memory’ mean? Why can some programs not run when this option is enabled? Non executable stack memory is a memory policy on the stack memory region that disallows execution from the stack. When this option is enabled certain memory is marked as not for executable code. Viruses that attempt to insert and execute code from non - executable memory locations are intercepted and an exception is raised resulting some programs not to run.Page 2
CIS3360: Security in Computing Homework 1 1. (55 points) Knowledge - based Question: a. What are the four criteria to judge whether or not biometrics are suitable for identification? What criteria does the biometric ‘weight’ violate (which makes it unsuitable for identification)? The four criteria to judge whether or not biometrics are suitable for identification are: 1. Comfort 2. Accuracy 3. Availability 4. costs Costs is the criteria which is unsuitable using biometric because there are other identifications processes which are cheap but biometric is expensive and it needs expensive devices to evaluate identification. b. In computer’s memory, when stack grows, does the address of the top of stack increase or decrease? In computer’s memory, when stack grows, the address of the top of stack decreases. c. What is a ‘page fault’? Why could page fault greatly reduce computing performance? When the page requested by a program is not available in the memory, it is called as a page fault. Since it does nothing else and keeps finding the page the speed of computer slows down. d. What are the two types of virtual machines? What type of VM does Java VM belongs to? What type of VM does VMware belongs to? The two types of VM are: System virtual Machines and process virtual machines. System VM belongs to VMware whereas Process VM belongs to JavaVM e. What are mail ‘open relay’? Why can it be used by spammer to send out spam email? Mail open relay are the mail servers that allow anyone to send emails through them to any destination. It can be used by spammers to send out spam emails because thousand even millions emails can be sent though them in short time. f. What does ‘Non - executable stack memory’ mean? Why can some programs not run when this option is enabled? Non executable stack memory is a memory policy on the stack memory region that disallows execution from the stack. When this option is enabled certain memory is marked as not for executable code. Viruses that attempt to insert and execute code from non - executable memory locations are intercepted and an exception is raised resulting some programs not to run.