Chapter 9 Security Vulnerabilities, Threats, and Countermeasures Flashcards

Question 1

Q

permits multiple concurrent tasks to be performed within
a single process

Multitasking
Multiprocessing
Multiprogramming
Multithreading

Answer

A

Multithreading

Question 2

Q

computing system harnesses the power of more than one processor to complete the execution of a single application

Multitasking
Multiprocessing
Multiprogramming
Multithreading

Answer

A

Multiprocessing

Question 3

Q

multiple tasks occupy multiple processes

Multitasking
Multiprocessing
Multiprogramming
Multithreading

Answer

A

Multitasking

Question 4

Q

Multitasking
Multiprocessing
Multiprogramming
Multithreading

Answer

A

Multiprogramming

Question 5

Q

When multiple documents are opened at the

same time in a word processing program it is an example of _____ thread(s) within _________ process(es).

Answer

A

multiple , single

Question 6

Q

A single computer contains multiple processors that are treated equally and controlled by a single operating system is ______.

symmetric multiprocessing
massively parallel processing

Answer

A

symmetric multiprocessing

Question 7

Q

systems house hundreds or even thousands of processors, each
of which has its own operating system and memory/bus resources

massively parallel processing
symmetric multiprocessing

Answer

A

massively parallel processing

Question 8

Q

Systems certified to handle multiple security levels simultaneously by using specialized security mechanisms

Answer

A

Multistate

Question 9

Q

security administrators approve a processor and system to handle only one security level at a time

Answer

A

Single-state system

Question 10

Q

When a process finishes or must be terminated (because an error occurs, a
required resource is not available, or a resource request can’t be met

Ready
Waiting
Running
Supervisory
Stopped

Question 11

Q

when the process must perform an action that requires privileges that are greater than the problem state’s set of privileges, including modifying system
configuration, installing device drivers, or modifying security settings.

Ready
Waiting
Running
Supervisory
Stopped

Answer

A

Supervisory

Question 12

Q

process executes on the CPU and keeps going until it finishes, its time slice expires, or it is blocked for some reason

Ready
Waiting
Running
Supervisory
Stopped

Question 13

Q

the process is ready for continued execution but is waiting for a device or access request (an interrupt of some kind) to be serviced before it can continue processing

Ready
Waiting
Running
Supervisory
Stopped

Question 14

Q

a process is ready to resume or begin processing as soon as it is scheduled for execution.

Ready
Waiting
Running
Supervisory
Stopped

Question 15

Q

If the time slice ends and the process isn’t completed, it returns to the ____ state

Ready
Waiting
Running
Supervisory
Stopped

Question 16

Q

if the process blocks while waiting for a resource to become available, it goes into the _____ state

Ready
Waiting
Running
Supervisory
Stopped

Question 17

Q

■ Each user must have a security clearance that permits access to all information processed
by the system.

■ Each user must have access approval for all information processed by the system.

■ Each user must have a valid need to know for all information processed by the system.

Dedicated Mode
System High Mode
Compartmented mode
Multilevel Mode

Answer

A

Dedicated Mode

Question 18

Q

■ Each user must have a valid security clearance that permits access to all information
processed by the system.

■ Each user must have access approval for all information processed by the system.

■ Each user must have a valid need to know for some information processed by the
system but not necessarily all information processed by the system.

Dedicated Mode
System High Mode
Compartmented mode
Multilevel Mode

Answer

A

System High Mode

Question 19

Q

■ Each user must have a valid security clearance that permits access to all information
processed by the system.

■ Each user must have access approval for any information they will have access to on the system.

■ Each user must have a valid need to know for all information they will have access to on the system.

Dedicated Mode
System High Mode
Compartmented mode
Multilevel Mode

Answer

A

Compartmented mode

Question 20

Q

■ Some users do not have a valid security clearance for all information processed by the system. Thus, access is controlled by whether the subject’s clearance level dominates the object’s sensitivity label.

■ Each user must have access approval for all information they will have access to on the system.

■ Each user must have a valid need to know for all information they will have access to
on the system.

Dedicated Mode
System High Mode
Compartmented mode
Multilevel Mode

Answer

A

Multilevel Mode

Question 21

Q

a nonvolatile form of storage media that can be electronically erased and rewritten and must be fully erased to be rewritten

Programmable Read-Only Memory (PROM)

Erasable Programmable Read-Only Memory (EPROM)

Electronically Erasable Programmable Read-Only Memory (EEPROM)

Flash Memory

Answer

A

Flash Memory

Question 22

Q

uses electric voltages delivered to the pins of the chip to force erasure and
chips can be erased without removing them from the computer

Programmable Read-Only Memory (PROM)

Erasable Programmable Read-Only Memory (EPROM)

Electronically Erasable Programmable Read-Only Memory (EEPROM)

Flash Memory

Answer

A

Electronically Erasable Programmable Read-Only Memory (EEPROM)

Question 23

Q

requires the physical removal of the chip from the computer and exposure to a special kind of ultraviolet
light.

Programmable Read-Only Memory (PROM)

Erasable Programmable Read-Only Memory (EPROM)

Electronically Erasable Programmable Read-Only Memory (EEPROM)

Flash Memory

Answer

A

Erasable Programmable Read-Only Memory (EPROM)

Question 24

Q

incorporates special functionality that allows an end user to burn in the chip’s contents later

Programmable Read-Only Memory (PROM)

Erasable Programmable Read-Only Memory (EPROM)

Electronically Erasable Programmable Read-Only Memory (EEPROM)

Flash Memory

Answer

A

Programmable Read-Only Memory (PROM)

Question 25

Q

typically the largest RAM storage resource available to a computer

Real Memory
Registers
Cache RAM

Answer

A

Real Memory

Question 26

Q

improve performance by taking data from slower devices and temporarily storing it in faster
devices when repeated use is likely

Real Memory
Registers
Cache RAM

Answer

A

Cache RAM

Question 27

Q

onboard memory that provides directly accessible memory locations that the brain of the CPU, the arithmeticlogical unit (ALU), uses when performing calculations or processing instructions.

Cache RAM
Registers

Answer

A

Registers

Question 28

Q

means of referring to various

locations in memory

Answer

A

Memory Addressing

Question 29

Q

The address must be located on the same memory page as the
instruction being executed.

Register Addressing
Base+Offset Addressing
Immediate Addressing
Direct Addressing
Indirect Addressing
Immediate Addressing

Answer

A

Direct Addressing

Question 30

Q

the memory address supplied to the CPU as part of the instruction doesn’t contain the actual value that the CPU is to use as an operand. Instead, the memory address contains another memory address

Register Addressing
Base+Offset Addressing
Immediate Addressing
Direct Addressing
Indirect Addressing
Immediate Addressing

Answer

A

Indirect Addressing

Question 31

Q

When the CPU needs information from one of its registers to complete
an operation, it uses a ____ (for example, “register 1”) to access its contents.

Register Addressing
Base+Offset Addressing
Immediate Addressing
Direct Addressing
Indirect Addressing
Immediate Addressing

Answer

A

Register Addressing

Question 32

Q

uses a value stored in one of the CPU’s registers as the base location from which to begin counting.

Register Addressing
Base+Offset Addressing
Immediate Addressing
Direct Addressing
Indirect Addressing
Immediate Addressing

Answer

A

Base+Offset Addressing

Question 33

Q

a way of referring to data that is supplied to the CPU as part of an instruction.

Register Addressing
Base+Offset Addressing
Immediate Addressing
Direct Addressing
Indirect Addressing
Immediate Addressing

Answer

A

Immediate Addressing

Question 34

Q

a term commonly used to refer to magnetic, optical, or flash-based media or other storage devices that contain data not immediately available to the CPU.

Virtual memory
Secondary memory
Primary memory

Answer

A

Secondary memory

Question 35

Q

_______ is a special type of secondary memory that the operating system manages to make look and act just like real memory.

Virtual memory
Secondary memory
Primary memory

Answer

A

Virtual memory

Question 36

Q

To store data, ______ uses a series of capacitors, tiny electrical devices that hold a charge.

dynamic RAM
Static RAM

Answer

A

dynamic RAM

Question 37

Q

_______ uses more sophisticated technology—a logical device known as a flip-flop, is simply an on/off switch that must be moved from one position to another to change a 0 to 1 or vice versa.

dynamic RAM
Static RAM

Answer

A

Static RAM

Question 38

Q

______ means
that there are often blocks of data that are not marked as “live” but that hold a copy of the data when it was copied off to lower wear leveled blocks.

Answer

A

SSD wear leveling

Question 39

Q

the electronic emanations that every monitor produces is known as

Answer

A

Van Eck radiation

Question 40

Q

allows the electronic emanations that every monitor produces to be read from a distance

Answer

A

this process is known

as Van Eck phreaking

Question 41

Q

____ is a technology that allows the electronic emanations that every monitor produces (known as Van Eck radiation ) to be read

Question 42

Q

a channel with two signal lines, where one line is a DMA request (DMQ) line and the other is a DMA
acknowledgment (DACK) line.

Memory-Mapped I/O
Interrupt (IRQ)
Direct Memory Access (DMA)

Answer

A

Direct Memory Access (DMA)

Question 43

Q

part of the address space that the CPU manages
functions to provide access to some kind of device through a series of mapped memory addresses or locations

Memory-Mapped I/O
Interrupt (IRQ)
Direct Memory Access (DMA)

Answer

A

Memory-Mapped I/O

Question 44

Q

a technique
for assigning specific signal lines to specific devices through a special interrupt controller.

Memory-Mapped I/O
Interrupt (IRQ)
Direct Memory Access (DMA)

Answer

A

Interrupt (IRQ)

Question 45

Q

In most computers, the BIOS is stored on an _____ chip

Question 46

Q

There is also an attack known as ______, in which a malicious variation of official BIOS or firmware is installed that introduces remote control or other malicious features into a
device.

Answer

A

phlashing

Question 47

Q

What are the two elements that are compromised in a client based attack ?

Answer

A

Applets and local caches

Question 48

Q

code objects are
sent from a server to a client to perform some action

Applets
local caches

Question 49

Q

self-contained
miniature programs that execute independently of the server that sent them.

Applets
local caches

Question 50

Q

caused by an attack responding to ARP broadcast queries in

order to send back falsified replies

Answer

A

ARP cache poisoning

Question 51

Q

To combine records from one or more tables to produce potentially useful information is called ________.

aggregation
inference
data mining

Answer

A

Aggregation

Question 52

Q

combining several pieces of nonsensitive
information to gain access to information that should be classified at a higher level.

aggregation
inference
data mining

Answer

A

Inference

Question 53

Q

commonly used for storing critical information about data, including
usage, type, sources, relationships, and formats. DBMS software reads the data dictionary to determine access rights for users attempting to access data.

aggregation
inference
data mining
data dictionary

Answer

A

data dictionary

Question 54

Q

What is stored in a datamart ?

Question 55

Q

providing a computing platform and software solution stack as a virtual or cloud-based service.

Platform-as-a-Service
Software-as-a-Service (SaaS)
Infrastructure-as-a-Service

Answer

A

Platform-as-a-Service

Question 56

Q

provides on-demand online access to specific software applications or suites without the need for local installation

Platform-as-a-Service
Software-as-a-Service (SaaS)
Infrastructure-as-a-Service

Answer

A

Software-as-a-Service (SaaS)

Question 57

Q

utility or metered computing services, administrative
task automation, dynamic scaling, virtualization services, policy implementation and management
services, and managed/filtered Internet connectivity

Platform-as-a-Service
Software-as-a-Service (SaaS)
Infrastructure-as-a-Service

Answer

A

Infrastructure-as-a-Service

Question 58

Q

_____ refer to devices that offer a computational means to control
something in the physical world

Cyber-physical systems
Network-enabled devices
embedded system

Answer

A

Cyber-physical systems

Question 59

Q

any type of portable or nonportable device that has native network capabilities.

Cyber-physical systems
Network-enabled devices
embedded system

Answer

A

Network-enabled devices

Question 60

Q

______ is a computer implemented as part of a larger system.

Cyber-physical systems
Network-enabled devices
embedded system

Answer

A

embedded system

Question 61

Q

the collection of devices that can communicate over the Internet with one another or with a control console in order to affect and monitor the real world.

Answer

A

Internet of Things (IoT).

Question 62

Q

doctrine that says that users of an object (or operating system component) don’t necessarily need to know the details of how the object works; they need to know just the proper syntax for using the object and the type of data that will be
returned as a result (that is, how to send input and receive output).

Answer

A

Abstraction

Question 63

Q

abstraction applies to security is in the introduction of object groups, sometimes called _____ , where access controls and operation rights are assigned to
groups of objects rather than on a per-object basis

Question 64

Q

puts the most sensitive functions of a process at the core, surrounded by a series of increasingly larger concentric circles with correspondingly lower sensitivity levels

Answer 52

A

Data Hiding

Answer 53

A

virtual machine

Answer 54

A

Process Isolation

Answer 55

A

Hardware Segmentation

Answer 56

A

covert channel

Answer 57

A

Covert Timing Channel

Answer 58

A

Covert Storage Channel

Answer 59

A

buffer overflow

Answer 60

A

programmer

Answer 61

A

salami attack

Answer 62

A

Maintenance Hooks

Answer 63

A

Data diddling

Answer 64

A

serviceoriented architecture (SOA)

Answer 65

A

Faraday cage

Brainscape's Knowledge GenomeTM

Chapter 9 Security Vulnerabilities, Threats, and Countermeasures Flashcards

Brainscape's Knowledge Genome^TM