Chapter 12: Security Architecture Vulnerabilities, Threats, and Countermeasures

Question 1

What is multitasking?

Answer 1

Handling two or more tasks simultaneously (or time slicing to appear so)

Question 2

What is multiprocessing?

Answer 2

Harnessing the power of more than one processor to complete the execution of a single application.

Question 3

What is symmetric multiprocessing?

Answer 3

A single computer/operating system controlled by one OS, sharing data and memory resources.

Question 4

What is massively parallel processing?

Answer 4

Each processor has its own operating system and memory bus/resources.

Question 5

What is multiprogramming?

Answer 5

The pseudosimultaneous execution of two tasks on a single processor coordinated by the operating system as a way to increase operational efficiency.

Question 6

What is multithreading?

Answer 6

Multiple concurrent tasks performed within a single process.

Question 7

What are the ways in which processing information of different security levels has been addressed?

Answer 7

Single state and multistate systems. Single state systems use policy mechanisms, requiring approval of a system to process only a single security level at a time. Multistate systems are certified to handle multiple levels simultaneously using protection mechanisms.

Multistate systems are uncommon because they’re expensive.

Question 8

What is in protection ring 0?

Answer 8

OS kernel/memory resident components

Question 9

What is in protection ring 1?

Answer 9

Other OS components

Question 10

What is in protection ring 2?

Answer 10

Drivers, protocols, etc

Question 11

What is in protection ring 3?

Answer 11

User level programs and applications.

Question 12

What is a process state?

Answer 12

The various forms of execution in which a process may exist. Supervisor mode == privileged, all access. Problem mode = user mode, all access requests must be checked.

Question 13

What are the four approved security modes for systems that process classified information?

Answer 13

Dedicated, system-high, compartmented, multilevel

Question 14

Describe dedicated mode

Answer 14

.

Question 15

Describe system-high mode

Answer 15

.

Question 16

Describe compartmented mode

Answer 16

.

Question 17

Describe multilevel mode.

Answer 17

.

Question 18

Security mode table

Answer 18

.

Question 19

What is the primary advantage of ROM?

Answer 19

It can’t be modified.

Question 20

What is PROM?

Answer 20

Programmable Read Only Memory. A user can write it once.

Question 21

What is EPROM?

Answer 21

Erasable PROM. Has a small window that when illuminated with UV light erases the chip. Reusable.

Question 22

What is EEPROM?

Answer 22

Electronically erasible PROM. Doesn’t require the UV light. Some BIOS are this.

Question 23

What should you do with any memory devices prior to allowing them to leave?

Answer 23

Purge them. Includes memory.

Question 24

What is the difference between primary vs secondary storage?

Answer 24

Primary is RAM. Secondary is all the familiar long term storage devices, like hard drives.

Question 25

What is DMA?

Answer 25

Direct memory access. More detail. p 500.

Question 26

What is RAID 0?

Answer 26

Striping

Question 27

What is RAID 1?

Answer 27

Mirroring

Question 28

What is RAID 2

Answer 28

Hamming code parity

Question 29

What is RAID 3?

Answer 29

Byte-level parity

Question 30

What is RAID 4?

Answer 30

Block level parity

Question 31

What is RAID 5?

Answer 31

Interleave parity

Question 32

What is RAID 6?

Answer 32

Second parity data

Question 33

What is RAID 10?

Answer 33

Raid 1 + RAID 0

Question 34

What is RAID 15?

Answer 34

RAID 1 + RAID 5

Question 35

What is an applet?

Answer 35

A code object sent from a server to be run on the client.

Question 36

What is cloud computing?

Answer 36

A concept of computing where processing and storage are performed elsewhere over a network connection rather than locally.

Question 37

What are the security issues with cloud computing?

Answer 37

Privacy concerns, regulation compliance difficulties, use of open/closed-source solutions, adoption of open standards, and whether cloud-based data is secured (or even securable).

Question 38

What is Paas?

Answer 38

Platform as a service. Hardware and OS.

Question 39

What is SaaS.

Answer 39

Provides on-demand access to specific software applications or suites without the need for local installation. Office 365, for example.

Question 40

What is IaaS?

Answer 40

Infrastructure as a service. Utility or metered computing. Administrative task automation, dynamic scaling and virtualization.

Question 41

What is Grid Computing?

Answer 41

A form of parallel distributed processing that loosely groups a significant number of processing nodes to work toward a specific processing goal. members of the grid can enter or leave. Partial calculations, state saving.

Question 42

Describe Peer to Peer (P2P) computing.

Answer 42

Like grid, but no central management. Skype, Bittorrent, Spotify.

Perceived inducement to copyright infringement, ability to eavesdrop, ability for services to consume all bandwidth.

Question 43

Finish page 510

Answer 43

.