| 1: | What motives were behind the break-in of the NORAD computer system in the movie WarGames? |
| A1: | Use/Leverage. Maybe a bit of Challenge/Prestige. |
| 2: | True or False: Threat modeling is an informal process done by the software testers to decide where best to apply their tests for security vulnerabilities. |
| A2: | False. It is a formal process performed by the entire team. |
| 3: | The JPEG Virus was caused by a buffer overrun bug. Look back to the Generic Code Review Checklist in Chapter 6. What two categories of checks best describe why this overrun occurred? |
| A3: | Computation Errorsthe value was only expected to be positive. When it went negative, it became a huge positive number. Data Reference Errorsbecause when the value became a huge positive number, the destination buffer was not limited to the size of the comment (65533 bytes). |
| 4: | The Most Recently Used (MRU) file list that appears when you attempt to open a file in a standard Windows application is an example of what type of data that could be a security vulnerability? |
| A4: | Latent Data. |
| 5: | What are the two types of extra, potentially unsecure, data that can be unintentionally written when a file is saved to a disk? |
| A5: | RAM Slack and Disk Slack. |