1. ________ is a set of circumstances that has the potential to
cause loss or harm.
2. ____________ is an access control mechanism that is based on
two sets of attributesone set of attributes associated with the
current domain of execution of a subject and the other set of
attributes is associated with an object.
3. The ________ model is a lattice-based formal model for
confidentiality, and it continues to be the dominant security
policy model even today.
4. The _________ model is an integrity policy model that is a
dual of the Bell-LaPadula model in that it inverts the dominance
5. A __________ computer system is a system that employs
sufficient hardware and software assurance techniques to allow it
to process information at multiple security levels.
6. Which security model is most useful for preventing the
contamination of data?
7. __________ is a protective measure that is an action, device,
procedure, or _________ that removes or minimizes risk or its
8. The fundamental security design principles include fail-safe
defaults, complete mediation, open design, isolation, _________,
__________, ___________, and _____________.
9. A(n) _________ is a weakness in an asset or group of assets
that can be exploited by one or more threats.
10. The _________________ security model is an information flow
model used to implement dynamically changing access
Questions (5 points each)
11. Explain the Trusted Computing Base (TCB). What does it
maintain? What basic functions are monitored by the TCB?
12. What is information security? What is information assurance?
What is the difference between the two terms?
13. Explain the relationship between a threat, a risk, and a
14. What is the function of the Reference Monitor?
15. What are the guiding principles of the Reference Validation
16. Define and provide examples of the three core aspects of