
Net ID:
Information Assurance: Final Exam โ Key
December 11, 2006
Multiple Choice โ 2 points each
1. Mechanisms used to access resources should not be shared. This is a definition for
which Salzer and Schroeder's Design Principle.
a. Principle of Least Privilege
b. Principle of Safety
c. Principle of Economy of Mechanism
d. Principle of Least Common Mechanism
2. The Trusted Platform Module (TPM) can create a sealed bound message. What does
this involve?
a. Encrypt the message with a non-migrateable, public key associated with the
target TPM and include PCR values that must be met before the target TPM
will decrypt the message.
b. Encrypt the message with a non-migrateable, private key associated with the
source TPM and include PCR values that must be met before the target TPM
will decrypt the message.
c. Encrypt the message with a symmetric key shared with the target and source
TPM and include PCR values that must be met before the target TPM will
decrypt the message.
d. Encrypt the message with a non-migrateable, public key associated with the
target TPM.
3. Which of the following is the best definition of slack space?
a. The area of MySpace where the slackers hang out.
b. Unused area on the last block of disk assigned to a file.
c. Blank pages within a word document.
d. Associated streams on the NT File System.
4. The Encapsulating Security Payload (ESP) protocol in IPSec allows:
a. Encryption but not integrity checks.
b. Integrity checks but not encryption.
c. Encryption and integrity checks.
d. Compression and encryption.
5. The legal foundation of our privacy protection is:
a. 9th amendment
b. Communications Assurance for Law Enforcement Act (CALEA)
c. 4th amendment
d. PATRIOT Act
Information Assurance
Final Exam Page 1 12/11/2006