3.4 Vulns, Threats, Countermeasures

Question 1

protection rings

Answer 1

0 OS kernel / memory (priv.)
1 other OS components (priv.)
2 drivers, protocols (priv.)
3 user level programs, apps (user mode)

communication via system calls

Question 2

memory

Answer 2

ROM: not writable
PROM: once writable
EPROM: rewritable, uv light
EEPROM: rewritable, electrical

Question 3

covert channel

Answer 3

any method that is used to pass information over a path that is not normally used for communication and not protected. violates sec policy

storage channels
timing channels

Question 4

TOCTOU

Answer 4

time-of-check-to-time-of-use discrepancy could be an opportunity for an attacker

Question 5

security modes

Answer 5

dedicated systems: clearance, permissions and need to know for all users and info

system high mode: clearance, permissions — minus need to know

compartmented mode: clearance — minus access permissions and need to know

multilevel: no requirements

Question 6

execution types

Answer 6

only multiprocessing uses more than 1 cpu

Question 7

WORM storage

Answer 7

write once read many

used to support records retention for legal or regulatory compliance. assures integrity

Question 8

DEP

data execution prevention

Answer 8

prevents data execution in memory locations that are not predefined to contain executable content

Question 9

ASLR

assress space layout randomizatio

Answer 9

makes explotation difficult by randomizing memory addresses

Question 10

government cloud

Answer 10

keeps data and resources contained within the borders of one country

Question 11

maintenance hook

Answer 11

backdoor by system designers for effective system checking during development

Question 12

OWASP

open web app security project

Answer 12

OWASP TOP10 provides guidance on 10 most significant app sec risks