Can we override private methods? If so, explain a scenario in which we would do so. If not, explain why.

Please read carefully: The remaining questions from this exam are all part of the same problem, divided into many smaller questions. You will be asked to write 2 classes: Pirate (an abstract class) and SpacePirate (a concrete class, and child of Pirate). Each question will indicate the part and class you will be working on. Do NOT write getters and setters unless otherwise indicated. You won’t need any that are not indicated (and you cannot use any that are not indicated). Do NOT write Javadocs. All your constructors and methods should be visible to all classes unless otherwise noted in their description. All your instance variables and class variables should have the strictest visibility modifier. When asked for constructors or methods, do not repeat the class header or any other code. Constructors and setters must use parameter names that are the same as the related instance variable(s). You should use constructor chaining in all constructors where it can be properly applied. Your chaining must reduce the necessary code in the constructors as much as possible. You don’t need null-checks for Strings or arrays. Syntax, capitalization, and spelling matter. Canvas Tip for all Qs: Click on the dropdown that says “Paragraph” and switch to “Preformatted” to get a monospaced font – this can help in coding answers The questions begin below.

Constructor chaining … (select one)

Write the class header and the variable declarations (a class without constructors or methods, with correct syntax) for Pirate (an abstract class). Besides a name, a Pirate has a bounty that represents the reward for capturing the pirate and an amount of gold that reflects the Pirate’s wealth. Pirate has the following variables: name (String) bounty (int) gold (int) pirateCount (this variable, an int, is shared between all instances and keeps track of how many pirates exist. Make sure it starts at 0)

Inheritance reduces the need to ______________ existing code.  (select one)

Write a method for Pirate called payBounty. This method doesn’t take any parameters or return a value. The pirate will pay as much of their bounty as possible. If the amount of gold they have meets or exceeds their bounty, it will deduct the bounty from the gold and set the bounty to 0. Otherwise, the pirate will pay as much of their bounty as possible by deducting the gold from their bounty and setting their gold to 0. Tip: This is equivalent to deducting the minimum of bounty and gold from the two instance variables.

Write an equals method for SpacePirate. Two instances of SpacePirate are equal if their parent’s variables are equal and if they have the same crewSize and spaceship. You must use the parent’s equals method for credit.

Write a constructor for SpacePirate. The constructor will take the name, bounty, gold, crewSize, and spaceship, and set all instance variables appropriately. Remember that you cannot directly assign to the variables in Pirate, and that SpacePirate is a child class.

These questions are from the discretionary and mandatory access control modules. All students in a class belong to a group G and are able to access class resources because G is granted the necessary permissions. Assume Alice has tested out of a topic and does not need to take the quiz Q on this topic. The professor does not want Alice to have access to Q but wants Alice to remain in group G so she can access other resources. Also, the professor wants to grant access to Q to all other students by granting the desired access to G. The mechanisms provided by various operating systems can be used to meet this access control requirement. Explain how this can be achieved most efficiently and correctly in Linux with extended access control lists (EACLs) and in Windows. First, provide the access control entries (ACEs) for Alice and G with their types and permissions for the quiz Q in each system. After this, discuss which of these ACEs will be checked if Alice tries to gain access to the quiz Q and is denied access. (2+2+2+2  pts.) The Bell and La Padula (BLP) and Biba models address confidentiality and integrity of data in a system that supports mandatory access control. A system allows read-down as is done by BLP, and writes by a user are only allowed at the user’s level (no writes to higher levels are allowed). Does this system satisfy the confidentiality and integrity goals of the BLP and Biba models? First, describe the BLP and Biba requirements and then explain if the requirements of each model are satisfied. (2+2+2+2 pts.) A certain company has many customers and some of them have conflict-of-interest (CoI) relationships. Also, employees can only access company data by executing applications approved by the company based on the functions they perform in the company. The people responsible for access provisioning in this company came up with the following scheme.  All files of a given customer must be stored in a single directory (it could be a container-like unit when using cloud storage). Initially, users are allowed to execute applications based on their needs and each application is granted access to files required for its execution. Access could be removed when applications execute. In particular,  when user U executes application A which accesses files from customer C’s directory, access to all files in directories of customers who have a CoI relationship with C is turned off for application A when it is executed by U.   Give two examples of policies discussed in the mandatory access control module of the course that could be used to control access to documents by this company. Explain your answer by discussing the specific data access requirements of the company that are satisfied by each policy. (2+2 pts.)  Does the suggested implementation correctly enforce each policy that you recommend for the company? Provide a brief justification for your answer. (4+4 pts.)

The scores on a test have been organized into the stem-and-leaf plot below.    What is the range of this data?