1. What is a protection domain?
Correct Answer: a) A set of access rights for a process
Explanation: A protection domain defines what system resources a process can access and what operations it can perform. Each user/process operates within a specific domain.
2. Which of the following is part of a protection domain?
Correct Answer: b) Access control list (ACL)
Explanation: ACLs define which users/system processes can access specific resources and what operations they can perform, forming part of the protection domain.
3. How are protection domains enforced?
Correct Answer: a) By the operating system kernel
Explanation: The OS kernel manages protection domains through mechanisms like memory management units (MMUs), system calls, and hardware-enforced privilege levels.
4. What is an access matrix?
Correct Answer: a) A table defining permissions between subjects and objects
Explanation: The access matrix model represents protection domains (rows) and objects (columns), with matrix entries specifying access rights (read, write, execute, etc.).
5. Which of the following represents a row in an access matrix?
Correct Answer: a) Domain
Explanation: Each row represents a protection domain (subject), while columns represent objects, and cells contain the access rights that domain has for each object.
6. What is an Access Control List (ACL)?
Correct Answer: a) A column of the access matrix for an object
Explanation: An ACL is associated with each object and lists which domains/users have what access rights to that object (vertical implementation of the matrix).
7. Which data structure is commonly used to implement an access matrix?
Correct Answer: b) Access Control Lists (ACLs) and Capability Lists
Explanation: ACLs (object-centric) and capability lists (subject-centric) are the two primary implementations of the abstract access matrix model.
8. What is a capability list?
Correct Answer: a) A row-wise implementation of the access matrix
Explanation: A capability list is associated with each subject and contains tickets/capabilities representing their access rights to various objects.
9. Which is more efficient for large systems?
Correct Answer: b) Capability Lists
Explanation: Capability lists scale better in large systems because checking permissions doesn't require searching through potentially large ACLs for each access.
10. Which is a common network threat?
Correct Answer: a) Denial-of-Service (DoS) attack
Explanation: DoS attacks overwhelm systems with excessive requests (SYN floods, UDP floods) to make resources unavailable to legitimate users.
11. What is a Man-in-the-Middle (MitM) attack?
Correct Answer: a) An attacker intercepts communication between two parties
Explanation: MitM attacks involve secretly relaying/altering communications between parties who believe they're directly communicating (e.g., via ARP spoofing or rogue access points).
12. Which attack floods a network with excessive traffic?
Correct Answer: b) DoS attack
Explanation: DoS (Denial-of-Service) attacks overwhelm targets with traffic from single (DoS) or multiple (DDoS) sources, exhausting bandwidth or system resources.