Chapter 9: Security Vulnerabilities, Threats, and Countermeasures

Question 1

the security design principle that indicates that organizations do not operate in isolation

Answer 1

Shared responsibility

Question 2

an initiative by the Department of Homeland Security (DHS) to facilitate the open and free exchange of indicators of compromise (IoCs) and other cyberthreat information between the U.S. federal government and the private sector in an automated and timely manner (described as “machine speed”)

Answer 2

Automated indicator sharing (AIS)

Question 3

any tangible part of a computer that you can actually reach out and touch, from the keyboard and monitor to its CPU(s), storage media, and memory chips.

Answer 3

hardware

Question 4

means handling two or more tasks simultaneously.

Answer 4

multitasking

Question 5

Today, most CPUs are ____. This means that the CPU is now a chip containing two, four, eight, dozens, or more independent execution cores that can operate simultaneously and/or independently.

Answer 5

multicore

Question 6

a _______ harnesses the power of more than one processor to complete the execution of a multithreaded application.

Answer 6

multiprocessor system

Question 7

It involves the pseudo-simultaneous execution of two tasks on a single processor coordinated by the OS as a way to increase operational efficiency.

Answer 7

Multiprogramming

Question 8

_______ permits multiple concurrent tasks to be performed within a single process.

Answer 8

Multithreading

Question 9

From a security standpoint, _____ organize code and components in an OS (as well as applications, utilities, or other code that runs under the OS’s control) into concentric rings

Answer 9

protection rings

Question 10

In the _____, a process is ready to resume or begin processing as soon as it is scheduled for execution.

Answer 10

ready state

Question 11

The _______ is when a process executes on the CPU and keeps going until it finishes, its time slice expires, or it is blocked for some reason (usually because it has generated an interrupt for I/O).

Answer 11

running state or problem state

Question 12

The_______ is when a process is ready for continued execution but is waiting for I/O to be serviced before it can continue processing

Answer 12

waiting state

Question 13

The _______ is used when the process must perform an action that requires privileges that are greater than the problem state’s set of privileges, including modifying system configuration, installing device drivers, or modifying security settings.

Answer 13

supervisory state

Question 14

When a process finishes or must be terminated (because an error occurs, a required resource is not available, or a resource request can’t be met), it goes into a _____ state.

Answer 14

supervisory state

Question 15

the storage bank for information that the computer needs to keep readily available.

Answer 15

memory

Question 16

memory the system can read but can’t change (no writing allowed).

Answer 16

Read-only memory (ROM)

Question 17

a ____ chip’s contents aren’t “burned in” at the factory as with standard ROM chips. Instead, a _____ incorporates special functionality that allows an end user to burn in the chip’s contents later.

Answer 17

PROM

Question 18

a nonvolatile form of storage media that can be electronically erased and rewritten.

Answer 18

Flash memory

Question 19

readable and writable memory that contains information a computer uses during processing.

Answer 19

Random access memory (RAM)

Question 20

There are two main types of RAM: _____ RAM and ____ RAM

Answer 20

dynamic and static

Question 21

The CPU also includes a limited amount of onboard memory, known as _______

Answer 21

registers

Question 22

When using memory resources, the processor must have some means of referring to various locations in memory. The solution to this problem is known as ______

Answer 22

memory addressing

Question 23

a term commonly used to refer to magnetic, optical, or flash-based media or other storage devices that contain data not immediately available to the CPU.

Answer 23

Secondary memory

Question 24

______ is a special type of secondary memory that is used to expand the addressable space of real memory.

Answer 24

Virtual memory

Question 25

______ are used to store information that may be used by a computer any time after it’s written.

Answer 25

Data storage devices

Question 26

the RAM that a computer uses to keep necessary information readily available to the CPU while the computer is running.

Answer 26

Primary memory

Question 27

includes all the familiar long-term storage devices that you use every day.

Answer 27

Secondary memory

Question 28

There is a memory compromise, called the_____ attack, that freezes memory chips to delay the decay of resident data when the system is turned off or the RAM is pulled out of the motherboard.

Answer 28

cold boot

Question 29

Data may remain on secondary storage devices even after it has been erased. This condition is known as _______.

Answer 29

data remanence

Question 30

The types of countermeasures and safeguards used to protect against emanation attacks are known as _____ countermeasures.

Answer 30

TEMPEST

Question 31

a term used to describe software that is stored in a ROM or an EEPROM chip. This type of software is changed infrequently (actually, never, if it’s stored on a true ROM chip as opposed to an EEPROM or flash chip) and often drives the basic operation of a computing device.

Answer 31

Firmware

Question 32

the legacy basic low-end firmware or software embedded in a motherboard’s EEPROM or flash chip. The ____ contains the OS-independent primitive instructions that a computer needs to start up and load the OS from disk.

Answer 32

Basic input/output system (BIOS)

Question 33

The process of updating the UEFI, BIOS, or firmware is known as _____.

Answer 33

flashing

Question 34

_______ is a feature of UEFI that aims to protect the local OS by preventing the loading or installing of device drivers or an OS that is not signed by a preapproved digital certificate.

Answer 34

Boot attestation or secure boot

Question 35

______ is an optional feature of UEFI that takes a hash calculation of every element involved in the booting process.

Answer 35

Measured boot

Question 36

____ are code objects sent from a server to a client to perform some action.

Answer 36

Applets

Question 37

The temporary storage of files downloaded from internet sites that are being held by the client’s utility (typically a browser) for current and possibly future use.

Answer 37

Temporary internet files or the internet files cache

Question 38

A _____ is used to spread or distribute network traffic load across several network links or network devices.

Answer 38

load balancer

Question 39

______ technologies are networking and distributed application solutions that share tasks and workloads among peers.

Answer 39

Peer-to-peer (P2P)

Question 40

A ____ is a collection or ledger of records, transactions, operations, or other events that are verified using hashing, timestamps, and transaction data.

Answer 40

blockchain

Question 41

______ systems are computing platforms designed to perform complex calculations or data manipulations at extremely high speeds.

Answer 41

High-performance computing (HPC)

Question 42

An HPC solution is composed of three main elements: _____ resources, _____ capabilities, and _____ capacity.

Answer 42

compute, network, storage

Question 43

A ______ is designed to process or handle data as it arrives on the system with minimal latency or delay.

Answer 43

real-time operating system (RTOS)

Question 44

______ is a derivative of IoT that focuses more on industrial, engineering, manufacturing, or infrastructure level oversight, automation, management, and sensing.

Answer 44

Industrial Internet of Things (IIoT)

Question 45

______ is a philosophy of network design where data and the compute resources are located as close as possible in order to optimize bandwidth use while minimizing latency.

Answer 45

Edge computing

Question 46

A _____IT environment is any system that is intended to remain unchanged by users and administrators.

Answer 46

static

Question 47

_______ systems include the check-in kiosk at the airport, an ATM, and often the complimentary guest computer at a hotel or library.

Answer 47

static

Question 48

_______ devices include smartphones, mobile phones, tablets, smart TVs, set-top boxes, or an HDMI-stick streaming-media player

Answer 48

Network-enabled

Question 49

A ______ is something used to enclose or contain something else. Wrappers are well known in the security community in relation to Trojan horse malware.

Answer 49

wrapper

Question 50

A ____ constructs new applications or functions out of existing but separate and distinct software services. The resulting application is often new; thus, its security issues are unknown, untested, and unprotected.

Answer 50

service-oriented architecture (SOA)

Question 51

A type___ hypervisor is a native or bare-metal hypervisor. In this configuration, there is no host OS; instead, the hypervisor installs directly onto the hardware where the host OS would normally reside.

Answer 51

1

Question 52

A type ____ hypervisor is a hosted hypervisor. In this configuration, a standard regular OS is present on the hardware, and then the hypervisor is installed as another software application.

Answer 52

2

Question 53

____ refers to the flexibility of virtualization and cloud solutions to expand or contract resource utilization based on need.

Answer 53

Elasticity

Question 54

_____ occurs when an organization deploys numerous virtual machines without an overarching IT management or security plan in place.

Answer 54

VM sprawl

Question 55

_____ occurs when software within a guest OS is able to breach the isolation-protection provided by the hypervisor in order to violate the container of other guest OSs or to infiltrate a host OS.

Answer 55

VM escaping

Question 56

______ is the ability of a mobile device to include details about its location in any media created by the device, such as photos, videos, and social media posts.

Answer 56

Geotagging

Question 57

______ management is a device-management solution that limits which applications can be installed onto a device.

Answer 57

application

Question 58

______ is a security option that prohibits unauthorized software from being able to execute. It prevents any and all software, including malware, from executing unless it’s on the preapproved exception list

Answer 58

whitelisting

Question 59

_____ is the activity of sharing the cellular network data connection of a mobile device with other devices. This is also known as a hotspot

Answer 59

Tethering

Question 60

_______ requires that the OS provide separate memory spaces for each process’s instructions and data.

Answer 60

Process isolation

Question 61

A ______ is a method that is used to pass information over a path that is not normally used for communication.

Answer 61

covert channel

Question 62

A ______ is malware that embeds itself deep within an OS.

Answer 62

rootkit

Question 63

______ occurs when an attacker gains access to a system and makes small, random, or incremental changes to data during storage, processing, input, output, or transaction rather than obviously altering file contents or damaging or deleting entire files.

Answer 63

Data diddling