She has access to records classified as "Confidential" but should not access "Top Secret"
☑Kizspy.me
a. Which model should be enforced to ensure she cannot read data at a higher
classification level?
b. Explain how this model works in terms of "read" and "write" rules.
c. What is one potential limitation of using this model alone in a real-world hospital
system?
Note: Explain your answer in details
Question 2: (2 marks)
You are designing an authentication system using RSA SecureID tokens for a corporate
intranet.
. Describe how the RSA SecureID token works to authenticate a user.
.
How does this approach resist replay attacks?
Note: Explain your answer in details
Question 3:
Question 3.1: (3 marks)
A system is protected using a weak encryption scheme. The attacker performs a brute-
force attack and successfully obtains the plaintext.
.
Define brute-force attack and explain how it works.
.Estimate how long it would take to crack a 40-bit key using a machine capable of 1
billion key attempts per second.
Note: Explain your answer in details
Zoom
+ 65%
Close
