Engineering Processes and Secure Design

Part 1: Computer Architecture and Protection Mechanisms

Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50–100-word explanation of why you chose your answer.

Don't use plagiarized sources. Get Your Custom Essay on
Engineering Processes and Secure Design
Get an essay WRITTEN FOR YOU, Plagiarism free, and by an EXPERT!
Order Essay

Which statement is true of complex instruction set computers (CISC)?
An instruction set executes a single low-level operation.
The access calls to main memory are fewer as compared to RISC.
The instruction set supports all the low-level programming languages.
What is the best description of reduced instruction set computing (RISC)?
Processing that executes one instruction at a time
Computing using instructions that perform many operations per instruction
Computing using instructions that are simpler and require fewer clock
cycles to execute
Memory space that is insulated from other running processes in a multipurpose system is part of a _________.
Security perimeter
Protection domain
Trusted path
What is the best description of an execution domain?
Memory space insulated from other running processes in a multiprocessing system.
A communication channel between an application and the kernel in the TCB.
An isolated area that is used by trusted processes when they are run in privileged state.
The trusted computing system is defined as __________.
The total combination of protection mechanisms within a computer system that are trusted to enforce security policy.
The boundary separating the trusted mechanisms from the remainder of the system.
A system that employs the necessary hardware and software assurance measures to enable processing multiple levels of classified or sensitive information to occur.
You are responsible for managing the virtual computers on your network. Which guideline is important when managing virtual computers?
Update the operating system and applications only on the host computer.
Implement a firewall only on the host computer.
Isolate the host computer and each virtual computer from each other.
Which statements do NOT define the requirements of a security kernel?
The reference monitor should be verified as correct.
The reference monitor should provide process isolation.
The security kernel should be verified in a comprehensive manner.
A method to circumvent the security should be implemented by the reference monitor.
Option a
Option b
Option c
Option d
Option a and c
Option b and d

Which characteristics do NOT identify a reference monitor?
analysis
isolation
verifiability
vulnerability
option a
option b
option c
option d
option a and d
obtion b and c
What part of the TCB concept validates access to every resource prior to granting the requested access?
Security kernel
TCB partition
Reference monitor
What is the best definition of a security model?
A security model provides a framework to implement security policy.
A security model states policies that an organization must follow.
Hey security.
What is an access object?
A list of valid access rules
A resource a user or process wants to access
A user we’re process that wants to access a resource
What is a security control?
A mechanism that limits access to an object.
A list of valid access rules.
A security component that stores attributes that describe an object.

Part 2: Computer Hardware Security Concepts

Section 1: Using Credible Sources, Justify Your Answers to Questions

Answer the following 12 questions by selecting the one best answer for each. Cite your course texts, or other credible source, and provide a 50–100-word explanation of why you chose your answer.

Which statement is true of the dedicated security mode?
All users have the clearance and formal approval required to access all the data.
Some users have the clearance and formal approval required to access all the data.
All the users have the clearance and formal approval required to access some of the data.
Which statement is true of a multilevel security mode?
The multilevel security mode involves the use of sensitivity labels.
The multilevel security mode is based on role-based memberships.
The multilevel security mode is represented by the Chinese Wall model.
Which processes define the supervisor mode?
Processes with no protection mechanism.
Processes that are executed in the outer protection rings.
Processes that are executed in the inner protection rings.
What happens when a trusted computing base (TCB) failure occurs as a result of a lower-privileged process trying to access restricted memory segments?
The system reboots immediately.
The system goes into maintenance mode.
Administrator intervention is required.
Which statement is true of covert channels?
A covert channel is addressed by a C2 rating provided by TCSEC.
A covert channel is not controlled by a security mechanism.
A covert channel acts a trusted path for authorized communication.
What type of channel is used when one process writes data to a hard drive and another process reads it?
Covert timing channel
Covert storage channel
Overt timing channel
What is another name for an asynchronous attack?
Buffer overflow
Maintenance hook
Time-of-check/time-of-use (TOC/TOU) attack
What is meant by the term fail safe?
A system’s ability to recover automatically through a reboot
A system’s ability to preserve a secure state before and after failure
A system’s ability to terminate processes when a failure is identified
Which term is an evaluation of security components and their compliance prior to formal acceptance?
Accreditation
Security control
Certification
There are several types of audits used in various situations that you might encounter in the enterprise. Which type of audit would include audits in support of SOX, HIPAA, or SAS 70?
Compliance audits
Forensic audits
Operational audits
Which of the following statements CORRECTLY describe Qualitative Risk Analysis methods?
Qualitative analysis is based on some categories like low, medium, or high.
Qualitative risk analysis uses value at risk.
Qualitative analysis is based on calculations.
Which of the following statements BEST describes an attribute for effective risk management strategy?
Risk awareness communication may not be required at each step of the risk management process.
Effective risk management activities should not be supported on on-going activities by all the members of orgainization.
Risk management strategy must be an integrated business processes with defined objectives that incorporates all of the organization’s risk management processes.

Graduate Homework
Order a unique copy of this paper
(550 words)

Approximate price: $22

Basic features
  • Free title page and bibliography
  • Unlimited revisions
  • Plagiarism-free guarantee
  • Money-back guarantee
  • 24/7 support
On-demand options
  • Writer’s samples
  • Part-by-part delivery
  • Overnight delivery
  • Copies of used sources
  • Expert Proofreading
Paper format
  • 275 words per page
  • 12 pt Arial/Times New Roman
  • Double line spacing
  • Any citation style (APA, MLA, Chicago/Turabian, Harvard)

Our guarantees

Papers are written from scratch We have molded our writers to develop content for all assignments from scratch. This way, we promote originality and reduce cases of plagiarism that might affect your grades and hinder you from realizing your academic goals. We encourage our clients to indicate the deliverables that should be featured in the final paper. Our online help services allow one to make a clarification and even interact with the writer directly to help them understand the needs of the assignment. Many of our writers are professional tutors who understand the approaches that should be used to fulfill the specified instructions. Every time a client places an order on our system, we link them with the most qualified writer in the subject of interest.

Money-back guarantee

YUnlike other writing companies, we encourage clients to draw back their money at any stage of the writing process if they experience any uncertainties with the quality of generated content. However, you will hardly have to make this decision because of our business approach that suits your needs.

Zero-plagiarism guarantee

We have an advanced plagiarism-detection system that flags any work that fails to meet the required academic expectations. Our company thrives in honesty, and as such, you will be guaranteed to achieve a paper that meets your expectations.

Free-revision policy

We encourage our clients to return papers for revision seven days after the last submission for free. Depending on the proposed changes, we will work on your article to achieve the desired expectations.

Privacy policy

We uphold confidentiality and privacy through our interactions with clients, an aspect that has enhanced our relationship with prospective customers seeking for assignment help. We do not disclose your information with third-parties

Qualified Writers

We boast of a diverse pool of ENL and ESL professionals who respond with a personal touch to the needs of every client. Our focus is to become the best platform that offers specialized services to individuals to accomplish their academic goals.

Calculate the price of your order

550 words
We'll send you the first draft for approval by September 11, 2018 at 10:52 AM
Total price:
$26
The price is based on these factors:
Academic level
Number of pages
Urgency