3 to 4 line answers only each.No Plagarism.$25Need by 10/9/2

3 to 4 line answers only each.No Plagarism.$25Need by 10/9/2016 – 10:00 AM 1. Distinguish between vulnerability, threat, and control. 2. Theft usually results in some kind of harm. For example, if someone stealsyour car, you may suffer financial loss, inconvenience (by losing your mode oftransportation), and emotional upset (because of invasion of your personalproperty and space). List three kinds of harm a company might experience fromtheft of computer equipment. 3. List at least three kinds of harm a company could experience from electronicespionage or unauthorized viewing of confidential company materials. 4. List at least three kinds of damage a company could suffer when the integrityof a program or company data is compromised. 5. List at least three kinds of harm a company could encounter from loss ofservice, that is, failure of availability. List the product or capability to whichaccess is lost, and explain how this loss hurts the company. 6. Describe each of the following four kinds of access control mechanisms interms of (a) ease of determining authorized access during execution, (b) ease ofadding access for a new subject, (c) ease of deleting access by a subject, and (d)ease of creating a new object to which all subjects by default have access.• per-subject access control list (that is, one list for each subject tellsall the objects to which that subject has access)• per-object access control list (that is, one list for each object tells allthe subjects who have access to that object)• access control matrix• capability 7. Suppose a per-subject access control list is used. Deleting an object in such asystem is inconvenient because all changes must be made to the control lists ofall subjects who did have access to the object. Suggest an alternative, less costlymeans of handling deletion. 8. File access control relates largely to the secrecy dimension of security. Whatis the relationship between an access control matrix and the integrity of theobjects to which access is being controlled? 9. One feature of a capability-based protection system is the ability of oneprocess to transfer a copy of a capability to another process. Describe a situationin which one process should be able to transfer a capability to another. 10. Suggest an efficient scheme for maintaining a per-user protection scheme.That is, the system maintains one directory per user, and that directory lists allthe objects to which the user is allowed access. Your design should address theneeds of a system with 1000 users, of whom no more than 20 are active at anytime. Each user has an average of 200 permitted objects; there are 50,000 totalobjects in the system. 11. Give an example of the use of physical separation for security in a computingenvironment. 12. Give an example of the use of temporal separation for security in a computingenvironment. 13. Give an example of an object whose sensitivity may change during execution. 14. Respond to the allegation “An operating system requires no protection for itsexecutable code (in memory) because that code is a duplicate of codemaintained on disk.” 15. Explain how a fence register is used for relocating a user’s program. 16. Can any number of concurrent processes be protected from one another byjust one pair of base/bounds registers? 17. The discussion of base/bounds registers implies that program code is execute onlyand that data areas are read-write-only. Is this ever not the case? Explainyour answer. 18. A design using tag bits presupposes that adjacent memory locations holddissimilar things: a line of code, a piece of data, a line of code, two pieces ofdata, and so forth. Most programs do not look like that. How can tag bits beappropriate in a situation in which programs have the more conventionalarrangement of code and data? 19. What are some other modes of access that users might want to apply to codeor data, in addition to the common read, write, and execute permission? 20. If two users share access to a segment, they must do so by the same name. Musttheir protection rights to it be the same? Why or why not?