Suppose a program to print paychecks secretly leaks a list of names of employees earning more than a certain amount each month. What controls could be instituted to limit the vulnerability of this leakage?
What will be an ideal response?
Example controls: Screening all output; splitting the program into two, written by separate teams, each processing half of the input each month; code reviews during development; testing to exercise all branches in the source code. Note that these controls are not perfect. Note also that it is much easier to limit the vulnerability if one knows or suspects it exists instead of hypothesizing such a vulnerability exists and seeking to confirm the hypothesis.
You might also like to view...
Which of the following statements is false?
a. A finally block is placed after the last catch block. b. A finally block typically releases resources acquired in the corresponding try block. c. The finally block and try block can appear in any order. d. A finally block is optional.
The ____ attribute of a text field determines the designated appearance of the text field.
A. Name B. Char Width C. Type D. Init Val
Which of the following commands can be used to set the number of days until user account jsmith with an expired password is disabled?
A. usermod -f 15 jsmith B. usermod -d 15 jsmith C. usermod -x 15 jsmith D. usermod -e 15 jsmith
?Some tags include ____ that specify additional information about the content to be formatted by the tag.
A. ?modifiers B. ?variants C. ?optionals D. ?attributes