Chapter 9 Flashcards
What describes where multiple concurrent tasks can operate under a single process?
Multithreading
What ring has the highest level of privilege, and on which level does the kernel usually reside?
Ring 0
What ring deals with the various tasks, operations performed, process switching, and so forth?
Ring 1
In what ring do I/O drivers and system utilities reside, with access to peripheral devices and other special files?
Ring 3
What ring runs in user mode?
Ring 3
What rings run in supervisory/privileged mode?
Ring 0-2
What processing state represents a process that can resume or begin processing as soon as it is scheduled for execution?
Ready
What processing state represents a process that executes on a CPU and keeps going until it finishes, its time slice expires, or it is blocked?
Running
What processing state represents a process that is ready for continued execution but is waiting for I/O to be serviced before it can continue processing?
Waiting
What processing state represents a process that must perform an action requiring privileges greater than the problem state's set of privileges?
Supervisory
What is the most common type of flash memory?
NAND
How many registers does a typical CPU have?
8 to 32
When the CPU needs information from one of its registers to complete an operation, what does it use?
Register Address
What is not a memory addressing scheme but rather a way of referring to data that is supplied to the CPU as part of its instruction?
Immediate Addressing
What is more flexible than immediate addressing?
Direct Addressing
What describes where the CPU is provided with the actual address of the memory location to access?
Direct Addressing
What uses a scheme similar to direct addressing?
Indirect Addressing
What describes where the CPU reads one address and is then given the actual address where the data resides?
Indirect Addressing
What uses a value stored in one of the CPU's registers or pointers as the base location from which to begin counting?
Base+Offset Addressing
What is the most common type of virtual memory?
Pagefile/Swapfile
What contains data previously stored in real memory but not recently used?
Pagefile/Swapfile
What is a special type of secondary memory that is used to expand the addressable space of real memory?
Virtual Memory
What term is commonly used to refer to magnetic, optical, or flash based media or other storage devices?
Secondary Storage
What is the primary drawback of virtual memory?
Paging operations that occur between primary and secondary memory are slow
What is a common sequential storage device?
Magnetic Tape Drive
What attack freezes memory chips to delay the decay of resident data when the system is turned off?
Cold Boot Attack
What is an effective safeguard against emanation attacks?
TEMPEST
What describes a box, mobile room, or entire building designed with an external metal skin that surrounds the outside?
Faraday Cage
What is a TEMPEST countermeasure that implements both a Faraday cage and white noise to protect a specific area?
Control Zone
What are all the techniques that can protect against emanation?
Shielding, TEMPEST countermeasures, and antenna management
What replaced BIOS?
UEFI
What provides support for larger hard drives, faster boot times, enhanced security features, and the use of a mouse during BIOS changes?
UEFI
What describes the installation of a malicious variation of official BIOS or firmware?
Phlashing
What ensures that only drivers and OSs that are pre-approved by digital certificate are installed?
Boot Attestation/Secure Boot
What protects against rootkits and backdoors when the system is booting?
Boot Attestation/Secure Boot
What is an optional feature of UEFI that takes a hash calculation of every element involved in the booting process?
Measured Boot
What prohibits JavaScript code from accessing content from another origin?
Same-Origin Policy
What are some ways to protect your website from JavaScript exploitation?
Keep browsers updated (client-side)
Implement JavaScript subsets (ADsafe, Caja, Secure ECMAScript) (server-side)
Use a content security policy
What attempts to enforce same-origin restrictions for most browser-side active technologies?
CSP
What are some browser helper objects and extensions that help reduce JavaScript exploitation?
Firefox NoScript
Edge and Chrome uBlock
What describes where processors share not only a common OS, but also a common data bus and memory resources?
SMP
What describes where processors operate independently and have their own OS, data bus, and memory resources?
AMP
What describes where numerous AMP systems are linked together to complete one task?
MPP
What is similar to grid computing but has no central management system, with services performed in real time?
Peer-to-peer
What are some security concerns with peer-to-peer computing?
Pirating copyrighted materials
Eavesdropping on distributed content
Lack of central control/oversight
All services being consumed at once
What are some industrial control systems?
DCS
PLC
SCADA
What industrial control system focuses on processes and is state driven?
DCS
What industrial control system focuses on data-gathering and is event driven?
SCADA
Which industrial control system is suitable for managing systems over large geographic areas?
SCADA
What industrial control system is more suitable for large scale environments in a single location?
DCS
What are some common security controls for DCS, PLC, and SCADA systems?
Isolating networks
Limiting access logically and physically
Code restrictions
Logging activity
What are some common DCE IDLs?
RPC
CORBA
DCOM
What are some security concerns with DCEs?
Interconnectedness of components
Access by unauthorized users
Masquerading, impersonation, or spoofing attacks
Security control bypass or disablement
Communication eavesdropping
Insufficient authentication
Lack of monitoring, logging, and auditing
Accountability issues
What are two ways to secure DCEs?
Encryption
Strong multi-factor authentication
What happens when a service is running on insufficient resources, has an unforeseen traffic spike, or when supporting systems fail?
Benign DoS
When is a hard real-time solution for RTOS used?
Mission Critical Operations
When is a soft real-time solution for RTOS used?
Consumer electronics
What type of RTOS will switch between operations or tasks based on pre-assigned priorities?
Event-driven RTOS
What type of RTOS will switch between operations or tasks based on clock interrupts or specific time intervals?
Time-sharing RTOS
What are some security concerns with RTOS?
Use of custom code that could include bugs or flaws
May process bogus datasets or requests by malware
What are ways to secure RTOS systems?
Isolation
Communication monitoring
What are some ways to secure IoT devices?
Deploy a separate network
Keeping systems patched
Limiting physical and logical access
Monitoring all activity
Implementing firewalls and filtering
What are some examples of microcontrollers?
Raspberry Pi
Arduino
FPGA
What describes the use of classification labels on data and packets?
Logical Isolation
What describes the implementation of network segmentation or air gaps between networks of different security levels ?
Physical Isolation
What occurs when an org deploys numerous VMs without an overarching IT management or security plan in place?
VM sprawl
How can you prevent/avoid VM sprawl?
Establishing a policy for developing and deploying VMs
What occurs when software within a guest OS is able to breach the isolation protection provided by the hypervisor to violate the container of other guest OSs?
VM Escape
What are some ways to stop/mitigate VM escape?
Keep sensitive systems and data on separate physical machines
Keep all hypervisor software current with vendor patches
Monitor attack, exposure, and abuse indexes
What was intended to replace MDM and EMM and is a single management platform to support mobile devices, IoT, PCs, wearables, and ICS?
UEM
What prevents any and all software, including malware, from executing unless it is on the pre-approved list?
Application Allow Listing / Whitelisting
What is the activity of installing an app on a device by bringing the installer file to the device through a file transfer or USB?
Side loading
What can prevent side loading?
Enforcing all apps to be digitally signed
What conveys information by altering the performance of a system in a predictable manner?
Covert Timing Channel
What conveys information by writing data to a common storage area where another process can read it?
Covert Storage Channel
What malware can hide from detection and prevent its files and processes from being viewed?
Rootkit
What are two forms of incremental attacks?
Salami
Data Diddling
What happens when an attacker gains access to a system and makes small incremental changes to data during storage, processing, input, and output?
Data Diddling
What are ways to protect against data diddling?
Encrypting file systems
File monitoring and integrity checking
What attack describes an attacker slowly stealing away at assets or other records of financial value?
Salami
What are ways to protect against salami attacks?
Separation of duties
Proper employee education
Control over code
What describes the change in how hardware management is viewed, as another collection to be managed the same way software is managed?
IaC
What is a framework to automate the processes of network monitoring and response?
SDV
What is the concept of replacing physical elements with solutions provided virtually by a third-party provider?
SDDC / VDC