Answer from cs61c-ay (Peter Lau 16743989) for Question 1
malicious code could be slipped into memory and disguised as non-executable data. This is possible because machine instructions are just data words loaded into memory data.