1. System Security
a) (not ans) The Trusted Computing Group (TCG) defines trust to be "the expectation that a device will behave in a particular manner for a specific purpose."

(ans) CRTM (Core Root of Trust for Measurements) : If the programme code is stored permanently on the tamper proff TPM then it is reasonable to assume that it is trustworthy. Thus there is no need to check its integrity making this the ideal place for storing programs which carries out integrity checks on all other platform devices and code. Such a root of trust is what TCG refers to as the CRTM. 

b) If a platform is to be trusted it is important that it has some means of measuring the integrity of the of the process it is running. This measurement should return some integrity metric that can be compared with acceptable values for a trusted platform.  

c) System services are dependent on the run time while a device driver is loaded during boot and a compromised device driver is exploitable even if the OS is reinstalled. 

d) SELinux vs ARM TrustZone.
Boot time integrity (ARM TrustZone) vs run time integrity (applied after DAC through per program policy files). 

2. Identification and authentication
a) is in old exams

b) is in old exams

c) in slides

3. Network Security
a)

b) Shared secret using Diffie-Hellman key exchange:

   1. Bob and Alice agree on a arbitrary very large number that does not need to be secret but should be different every key exchanges.
   2. Bob and Alice both choose a secret which they do not share.
   3. Bob and Alice both mix their secret with the shared arbitrary very large number.
   4. Bob and Alice both share their mix with eachother publicly.
   5. Bob and Alice takes the shared mix they have received and mix with their own secret.
   6. The combination of the received mix and secret makes up the common secret which is now know by both Bob and Alice.

4. Risk analysis
a) Attack Trees:

Represent attacks against the system in a tree structure with the root node as the goal. Leaf nodes represents steps which may lead to achieving the goal (root node). It is constructed by analyzing the attack surfaces which the system might be compromised.

b) Electronic Vaulting:
   An remote site which entire database backups are stored. The remote location maybe an alternative hot site, offsite location, or a service purchased from a contractor (e.g. tarsnap). Restoring the database from the backup usually takes longer time since the entire database needs to be written back to the new system.

   Remote Mirroroing:
   A live mirror of the database is maintained at a remote site. The mirror gets new entries at the same time as the live database. The backup server is ready to go at an instant, but is usually more expensive since the backup server needs to be running all the time to receive database updates (wouldent call it a backup server more like redundant server, wtf slides!!!!!!!). 

c) BCP (Business Continuty Plan) four stages:
   1. Project scope and planning
   2. Business impact assesment
   3. Continuity planning
   4. Approval and implementation