Discuss the two significant weaknesses of DAC.
What will be an ideal response?
DAC has two significant weaknesses. First, although it gives a degree of freedom to the subject, DAC poses risks in that it relies on decisions by the end user to set the proper level of security. As a result, incorrect permissions might be granted to a subject or permissions might be given to an unauthorized subject. A second weakness is that a subject's permissions will be "inherited" by any programs that the subject executes. Attackers often take advantage of this inheritance because end users in the DAC model often have a high level of privileges. Malware that is downloaded onto a user's computer would then run in the same context as the user's high privileges. Trojans are a particular problem with DAC.
You might also like to view...
What does it mean for a class to be declared as final? What does it mean for a method to be declared as final?
What will be an ideal response?
List insertion can be ordered or random.
Answer the following statement true (T) or false (F)
The___________ is a conceptual layout device that aligns your page content into columns and rows.
Fill in the blank(s) with the appropriate word(s).
The W3C provides a free validation service that checks code to confirm that its format and ____________________ meet professional standards.
Fill in the blank(s) with the appropriate word(s).