What is the term referring to the amount of reliance placed on each particular mechanism in the security analysis framework?  (ONE WORD ONLY)

 Which one (ones) of the following statements is (are) correct? __________

1.  Conficker botnet targtes IoT devices.

2.  DGA algorithms make it easy for the defenders to locate the C&C servers.

3.  The dropper component of malware is the actual code that causes damage to the victims' system.

4.  Spam has made webmail services such as Gmail or Hotmal less popular. 

5.  Ransomware is always operated by hacking experts. 

 Which one (ones) of the following statements is (are) incorrect? __________

1.  The term "secrecy" includes the concept of access control.

2.  Confidentiality means a duty to protect an organization's secrets if you know them.

3.  In cryptography, "confidentiality" is used interchangeably with "secrecy"

4.  Privacy is secrecy for the benefit of the organisation. 

5.  Integrity means that the given information has not been changed. 

 Which one (ones) of the following statements is (are) incorrect? __________

1.  Hactivism is closely related to social media utilisation.

2.  Ransomware uses cryptographic techniques related to encryption.

3.  The codename "Prism" is about collecting intelligence from international fibre optic cables.

4.  Mass surveillance could invade privacy. 

5.  Hactivism is often motivated by politics. 

 Which one (ones) of the following statements is (are) correct? __________

1.  Economics is not a field of study that is related to security engineering.
2.  "Security theatre" merely produces a feeling of security rather than real security.  
3.  The sound definition of "system" should exclude customers. 

4.  Security engineers need to think adversarially.
5.  Security requirements are the same across all the systems. 

 Which one (ones) of the following statements is (are) correct? __________

1.  The protection profile should be written in a device-dependent way.

2.  "Danger" and "Risk" can be defined using the probability concept.

3.  "Hack" only refers to the activity that causes users harm.

4.  The concepts of authenticity and integrity are equivalent. 

5.  There should not be ambiguity in the safety policy. 

Which one (ones) of the following statements is (are) correct? __________

1.  A port number can be a principal in security.

2.  A subject in security can be government. 
3. "Role" is a set of functions a person performs. 
4.  Identity simply means "name".

5.  A trusted electronic banking system cannot be trustworthy. 

What is the term referring to the data about data that the NSA is believed to have collected on a large scale? (ONE WORD ONLY)