____ cookies are cookies placed on your hard drive by a company other than the one associated with the Web page that you are viewing—typically a Web advertising company.

Large block sizes generally ________ the number of I/O operations required to access file data; small block sizes generally ________ the amount of internal fragmentation.

a) increase, increase b) increase, reduce c) reduce, increase d) reduce, reduce

You are given the task of detecting the occurrences of a polymorphic virus that conceals itself as follows. The body, C, of the virus code is obfuscated by XORing it with a byte sequence, T, derived from a six-byte secret key, K, that changes from instance to instance of the virus in a random way. The sequence T is derived by merely repeating over and over the given key K. The length of the body

of the virus code is a multiple of six—padding is added otherwise. Thus, the obfuscated body is T ? C, where T = K||K|| · · · and || denotes string concatenation. The virus inserts itself to the infected program at an unpredictable location. @par An infected file contains a loader that reads the key K, unhides the body C of the virus code by XORing the obfuscated version with the sequence T (derived from K), and finally launches C. The loader code, key K, and the obfuscated body are inserted at random positions of infected programs. At some point of the execution of the infected program, the loader gets called, which unhides the virus and then executes it. Assume that you have obtained the body C of the virus code and a set of programs that are suspected to be infected. You want to detect the occurrences of this virus among the suspected programs without having to actually emulate the execution of the programs. Give an algorithm to do this in polynomial time in the length of the program. Assume that the loader of the virus is a short piece of code that can be commonly found in legitimate programs. Therefore, it cannot be used as a signature of our virus. Hence, looking for the loader is not an acceptable solution. Remember, the loader is in binary, and as such, extracting information from it is nontrivial, i.e., wrong.

Which of the following security models add programs to the subjects and objects?

a. Biba Integrity Model b. Clark-Wilson Model c. Chinese Wall Model d. Bell-LaPadula Model

To enter data in a cell, you must first make the cell active.

Answer the following statement true (T) or false (F)