var quiz = {
questions : [
{
text : 'Loren is learning about multiprogramming operating systems and some of the security concerns with them. Which of the following is a security risk when using a multiprogramming system?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'Side channel attacks',
'Maintenance hooks',
'Object reuse
',
'Timing attacks '
],
answer : 2,
score : 1,
expandedAnswer : 'When an operating system allows more than one process to run on a system, many times the processes have to share resources. There is always a concern that one process can write data to a resource that another process may be able to access. The necessary countermeasures need to be built into the system to ensure that this does not take place.',
moreInfo : ''
},
{
text : 'What is the goal of traffic analysis?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'Even without being to understand what is being transmitted from one point to another, the volume of traffic can be an indicator of something about to happen.
',
'To know the best routes to send data to insure that it arrives quickly and securely.',
'To know the best routes to and from the office in the morning and in the evening.',
'None of these answers is correct.'
],
answer : 0,
score : 1,
expandedAnswer : 'Even without beginning to understand what is being transmitted from one point to another, the volume of traffic can be an indicator of certain types of activities. These sudden increases can be a precursor to the start of a big event. For example, orders and attack instructions can be passed along to military units just before the start of a major offensive.',
moreInfo : 'Learn how to control ingress and egress traffic using firewall rules.'
},
{
text : 'TCSEC is short for what?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'Timed Computer Security Evaluation Codes.',
'Trusted Confidential System Evaluation Criteria.',
'Trusted Computer System Evaluation Criteria.
',
'None of these answers is correct.'
],
answer : 2,
score : 1,
expandedAnswer : 'Trusted Computer System Evaluation Criteria. The others are incorrect meanings for this acronym.',
moreInfo : ''
},
{
text : 'Which of the following is not a characteristic of Lattice Based Access Control?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'A form of MAC where security classes are set up to control how subjects access objects.',
'Every pair of elements (subject and object) has a partially ordered set with a greatest lower bound and least upper bound of access rights.',
'Rules are set up to prevent the flow of all information from one class to another.
',
'Rules are set up to dictate the flow of all information from one class to another.'
],
answer : 2,
score : 1,
expandedAnswer : 'The model controls how subjects access objects; it thus dictates the way that information flows within the system. It cannot prevent all information from flowing, because nothing would be communicating and the system would not be processing data. ',
moreInfo : ''
},
{
text : 'The Brewer and Nash model was created to?',
img : 'http://media.techtarget.com/WhatIs/images/spacer.gif',
responses : [
'Allow users access to information that can be deemed as a conflict of interest.',
'Limit access controls from one use to the next.',
'Provide access controls that can change dynamically depending upon a user\'s previous actions.
',
'None of these answers is correct.'
],
answer : 2,
score : 1,
expandedAnswer : 'Provide access controls that can change dynamically depending upon a user\'s previous actions. The specific reason for the model is to reduce the potential of conflicts of interest. The other answers were not the specific reasons that the Brewer and Nash Model were created.',
moreInfo : ''
}
]
};