1. In your own words, define and explain the buffer overflow attack. (5 Points)
2. Describe a programming situation in which least privilege is a good strategy to improve security. (5 Points)
3. (a) You receive an email message that purports to come from your bank. It asks you to click a link for some reasonable-sounding administrative purpose. How can you verify that the message did come from your bank?
(b) Now play the role of an attacker. How could you intercept the message described in part (a) and convert it to your purposes while still making both the bank and the customer think the message is authentic and trustworthy? (5 Points)
4. UNDO is a recovery operation for databases. It is a command that obtains information from a transaction log and resets the elements of a database to their values before a particular transaction is performed. Describe a situation in which an UNDO command would be useful. (5 Points)