Chat with AIExam 4: Trust and Threat Model
Exam 1: Introduction to Security Concepts42 Questions
Exam 2: Software Engineering and Security42 Questions
Exam 3: Essential Public Key Infrastructure42 Questions
Exam 4: Trust and Threat Model42 Questions
Exam 5: Java Programming Security42 Questions
Exam 6: Java Api-Level Security Features42 Questions
Exam 7: Authentication and Authorization With Java42 Questions
Exam 8: Secure Programming With C and Openssl42 Questions
Exam 9: Secure Programming With Perl42 Questions
Exam 10: Identity Management42 Questions
Exam 11: Security Topics42 Questions
Select questions type
Describe the strict hierarchy trust model.
Free
(Essay)
4.7/5 
(33)
(33) Correct Answer:
Verified
VerifiedIn a strict hierarchy trust model, there is one trust anchor (root) from which trust extends. The root is not a starting point for a network, for communication, or for architecture; it is a starting point of trust. Zero or more subordinate trust anchors could extend from the root downward, and the leaves representing end entities are at the bottom. We can consider the model as a big trust tree. Subordinate trust anchors may certify trust in themselves, or they may certify yet other subordinate trust anchors that certify trust in turn. The leaf, or end entity's, trust is verified by tracing backward from its certifier to other subordinate trust anchors until the root is found.
Once a basic attack tree is completed, you can assign values to each leaf node. These values are often called ____.
Free
(Multiple Choice)
4.8/5 (31)
(31) Correct Answer:Verified
VerifiedD
In a ____, the tree is structured as a shallow hierarchy where there is no subordinate CAs.
Free
(Multiple Choice)
4.8/5 (40)
(40) Correct Answer:Verified
VerifiedD
____ speed up the overall development process by providing tested and proven development paradigms.
(Multiple Choice)
4.7/5 (39)
(39) The original definition of ____ is a software security vulnerability in Web applications that can be used by an attacker to compromise the same origin policy of client-side scripting languages.
(Multiple Choice)
4.8/5 (39)
(39) The goal of the ____ attacker is to inject a SQL query/command as an input, possibly via Web pages.
(Multiple Choice)
4.8/5 (36)
(36) In an attack tree, each path tracing from the root node to a leaf node represents a unique way to achieve the goal of the attacker. This path is also called a(n) "____."
(Multiple Choice)
4.7/5 (40)
(40) ____ is a security vulnerability when malicious client-side script is injected into a Web application to gather sensitive user data.
(Multiple Choice)
4.7/5 (34)
(34) The ____ trust model is a general trust model that applies in the areas of e-commerce, Web services, and peer-to-peer (P2P) systems.
(Multiple Choice)
4.8/5 (35)
(35) ______________________________ is the best implementation of the web of trust model.
(Short Answer)
4.7/5 (39)
(39) Match each item with a statement below:
Correct Answer:Verified
VerifiedPremises:
Responses:
(Matching)
4.9/5 (33)
(33) ____ is a threat-rating system developed by Microsoft and is used to assess risk with great granularity.
(Multiple Choice)
4.9/5 (36)
(36) The digital certificate used by PGP is equal to the standard X.509 certificate.
(True/False)
4.8/5 (39)
(39) ____ is a security vulnerability at the application level using a database.
(Multiple Choice)
4.8/5 (32)
(32) What are some of the characteristics of a centralized system that implements a reputation trust model?
(Essay)
4.9/5 (37)
(37) ____ risk is one that affects only individuals and not the entire organization.
(Multiple Choice)
4.9/5 (28)
(28) 
Filters
- Essay(0)
- Multiple Choice(0)
- Short Answer(0)
- True False(0)
- Matching(0)