Description
1. [20 points] 15.1 Buffer-overflow attacks can be avoided by adopting a better
programming methodology or by using special hardware support. Discuss these
solutions.
2. [20 points] 15.2 A password may become known to other users in a variety of ways.
Is there a simple method for detecting that such an event has occurred? Explain your
answer.
3. [20 points] 15.4 The list of all passwords is kept within the operating system. Thus, if
a user manages to read this list, password protection is no longer provided. Suggest
a scheme that will avoid this problem. (Hint: Use different internal and external
representations.)
4. [20 points] 15.11 What commonly used computer programs are prone to man-in-themiddle attacks? Discuss solutions for preventing this form of attack.
5. [20 points] 15.12 Compare symmetric and asymmetric encryption schemes, and
discuss the circumstances under which a distributed system would use one or the
other.