# Course: CS 585 03f


#######################################
:TYPE:MC:1:0:C
:TITLE: Bell LaPadula Model
:QUESTION:H
The Bell LaPadula model is meant to address which aspect(s) of security?
:ANSWER1:0:T
availability
:ANSWER2:0:T
authentication
:ANSWER3:100:T
confidentiality
:ANSWER4:0:T
integrity
:ANSWER5:0:T
all of the above
:CAT:test2_mc


#######################################

:TYPE:MC:1:0:C
:TITLE:Reading
:QUESTION:H
Under the Bell LaPadula model, if a document is classified as Gamma, Public and a user 
has a clearance of Beta, Confidential, when the user tries to read the file the following will occur: See the image shown <img src="http://www.cs.uah.edu/~dhart/cs585/t2lattice.png"/>.
:ANSWER1:0:T
A discretionary access violation will occur.
:ANSWER2:0:T
A star violation will occur.
:ANSWER3:100:T
A simple security violation will occur.
:ANSWER4:0:T
All of the above.
:ANSWER5:0:T
The user will read the file.
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Writing
:QUESTION:H
Under the Bell LaPadula model and the image shown <img src="http://www.cs.uah.edu/~dhart/cs585/t2lattice.png"/>.  When a user with clearance Beta, Confidential writes to a file with a classification level
Alpha, Public, the lowest the security level of the modified file can be is:
:ANSWER1:0:T
Alpha, Public
:ANSWER2:100:T
Alpha, Secret
:ANSWER3:0:T
Beta, WWW
:ANSWER4:0:T
Beta, Confidential
:ANSWER5:0:T
Beta, Top Secret
:ANSWER6:0:T
Gamma, Public
:ANSWER7:0:T
Gamma, Secret
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Ordering 
:QUESTION:H
The lattice in the image shown <img src="http://www.cs.uah.edu/~dhart/cs585/t2lattice.png"/> is an example of a(n):
:ANSWER1:0:T
enumeration
:ANSWER2:100:T
partial ordering
:ANSWER3:0:T
set
:ANSWER4:0:T
total ordering
:ANSWER5:0:T
none of the above
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Basic Security
:QUESTION:H
The basic security theorem is based on which of the following
:ANSWER1:0:T
discretionary access property
:ANSWER2:0:T
simple security property
:ANSWER3:0:T
star property
:ANSWER4:100:T
all of the above
:ANSWER5:0:T
none of the above
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Unix file access
:QUESTION:H
Unix file access control is an example of
:ANSWER1:100:T
discretionary access control
:ANSWER2:0:T
mandatory access control
:ANSWER3:0:T
originator access control
:ANSWER4:0:T
all of the above
:ANSWER5:0:T
none of the above
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Liveness
:QUESTION:H
The liveness property described in class is most similar to which of the following properties
:ANSWER1:0:T
authentication
:ANSWER2:100:T
availability 
:ANSWER3:0:T
confidentiality 
:ANSWER4:0:T
integrity
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:W gains c
:QUESTION:H
Consider the image shown <img src="http://www.cs.uah.edu/~dhart/cs585/t2tg.png"/>, which of the following must be true for W to be able to gain right c over Y.  A represents a set of rights.
:ANSWER1:0:T
A must contain c
:ANSWER2:100:T
A must contain g
:ANSWER3:0:T
X must be a subject
:ANSWER4:0:T
all of the above
:ANSWER5:0:T
none of the above, A can be anything
:ANSWER6:0:T
none of the above, it is not possible
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Z gains c
:QUESTION:H
Consider the image shown <img src="http://www.cs.uah.edu/~dhart/cs585/t2tg.png"/>, which of the following must be true for Z to be able to gain right c over W.  A represents a set of rights.
:ANSWER1:0:T
A must contain c
:ANSWER2:0:T
A must contain g
:ANSWER3:0:T
X must be a subject
:ANSWER4:0:T
all of the above
:ANSWER5:0:T
none of the above, A can be anything
:ANSWER6:100:T
none of the above, it is not possible
:CAT:test2_mc


#######################################
:TYPE:MC:1:0:C
:TITLE:Schematic Protection Model
:QUESTION:H
Which of the following parts of the Schematic Protection Model is primarily concerned with the transfer of tickets.
:ANSWER1:0:T
Domains
:ANSWER2:0:T
Types
:ANSWER3:0:T
Link Predicate
:ANSWER4:100:T
Filter Predicate
:ANSWER5:0:T
Can Create
:ANSWER6:0:T
Create Rule
:ANSWER7:0:T
Safety Analysis
:CAT:test2_mc


#######################################

:TYPE:P
:TITLE:Model Comparison
:QUESTION:H:60:30
How do you choose which model should be used for a particular problem?  Include how you compare different models to each other.
:CAT:test2_p


#######################################

:TYPE:P
:TITLE:Access Control
:QUESTION:H:60:30
Describe the difference between mandatory and discretionary access control, including the trade-offs from a security standpoint between using the different policies.
:CAT:test2_p


#######################################
:TYPE:P
:TITLE:Bell LaPadula usage
:QUESTION:H:60:30
Suppose you were designing a banking system.  Describe how you could incorporate a model such as the Bell LaPadula model into the design.  What are the advantages of using the model versus not using it in the design?
:CAT:test2_p


#######################################
:TYPE:P
:TITLE:Link Predicate
:QUESTION:H:60:30
Describe how the link predicate is used in the Schematic Protection Model.
:CAT:test2_p


#######################################