Chapter 9- Security Vulnerabilities, Threats and Countermeasures Flashcards

1
Q
  1. What is hardware?
A

Hardware: The term hardware encompasses any tangible part of a computer that you can actually reach out and touch, from the keyboard and monitor to its CPU(s), storage media, and memory chips.

2
Q
  1. What do you understand by the Processor?
A

The central processing unit (CPU) is generally called the processor or the microprocessor.

It is the computer’s nerve center: it is the chip (or chips in a multiprocessor system) that governs all major operations and either directly performs or coordinates the complex symphony of calculations that allows a computer to perform its intended task.

3
Q
  1. List Execution Types
A
  • Multitasking
  • Multicore
  • Multiprocessing
4
Q
  1. Explain Multicore
A

This means that what was previously a single CPU or microprocessor chip is now a chip containing two, four, eight, or potentially dozens of independent execution cores that can operate simultaneously.

5
Q
  1. Define Multitasking:
A

In computing, multitasking means handling two or more tasks simultaneously.

6
Q
  1. Define Massively Parallel Processing (MPP):
A

MPP systems house hundreds or even thousands of processors, each of which has its own operating system and memory/bus resources.

MPP systems are extremely powerful (not to mention extremely expensive!) and are used in a great deal of computing or computational-based research.

7
Q
  1. Explain Multiprogramming:
A

Multiprogramming is similar to multitasking. It involves the pseudosimultaneous execution of two tasks on a single processor coordinated by the operating system as a way to increase operational efficiency. Multiprogramming is considered a relatively obsolete technology and is rarely found in use today except in legacy systems.

8
Q
  1. Differences between multiprogramming and multitasking.
A

Multiprogramming usually takes place on large-scale systems, such as mainframes, whereas multitasking takes place on personal computer (PC) operating systems, such as Windows and Linux.

Multitasking is normally coordinated by the operating system, whereas multiprogramming requires specially written software that coordinates its own activities and execution through the operating system.

9
Q
  1. Define Multithreading:
A

Multithreading permits multiple concurrent (simultaneous or coinciding) tasks to be performed within a single process.
Multithreading is often used in applications where frequent context switching between multiple active processes consumes excessive overhead and reduces efficiency. In multithreading, switching between threads incurs far less overhead and is therefore more efficient.

10
Q
  1. Difference between multithreading and multitasking
A

Unlike multitasking, where multiple tasks occupy multiple processes, multithreading permits multiple tasks to operate within a single process.

11
Q
  1. Define a thread
A

A thread is a self-contained sequence of instructions that can execute in parallel with other threads that are part of the same parent process.

12
Q
  1. Define Single State systems:
A

Single-state systems require the use of policy mechanisms to manage information at different levels.

13
Q
  1. Define Multistate systems
A

Multistate systems are capable of implementing a much higher level of security. These systems are certified to handle multiple security levels simultaneously by using specialized security mechanisms known as protection mechanisms.

14
Q
  1. What are technical mechanisms
A

Technical mechanisms prevent information from crossing between the two users and thereby crossing between security levels.

15
Q
  1. Explain Protection Rings
A

Protection rings organize code and components in an operating system into concentric rings.
The deeper inside the circle you go, the higher the privilege level associated with the code that occupies a specific ring. Most modern operating systems use a four-ring model (numbered 0 through 3).

As the innermost ring, 0 has the highest level of privilege and can basically access any resource, file, or memory location. The part of an operating system that always remains resident in memory (so that it can run on demand at any time) is called the kernel.

16
Q
  1. Explain Ring 0 of the protection ring:
A

As the innermost ring, 0 has the highest level of privilege and can basically access any resource, file, or memory location. The part of an operating system that always remains resident in memory (so that it can run on demand at any time) is called the kernel.

It occupies ring 0 and can pre-empt code running at any other ring.

17
Q
  1. Explain ring 1 of the protection ring
A

The remaining parts of the operating system—those that come and go as various tasks are requested, operations performed, processes switched, and so forth—occupy ring 1.

18
Q
  1. Explain Ring 2 of the protection ring:
A

Ring 2 is also somewhat privileged in that it’s where I/O drivers and system utilities reside; these are able to access peripheral devices, special files, and so forth that applications and other programs cannot themselves access directly.

19
Q
  1. Explain Ring 3 of the protection ring
A

Applications and programs occupy this ring.

20
Q
  1. Explain the essence of the protection ring
A

The essence of the ring model lies in priority, privilege, and memory segmentation.

The process associated with the lowest ring number always runs before processes associated with higher-numbered rings.

Those processes that run in higher-numbered rings must generally ask a handler or a driver in a lower-numbered ring for services they need; this is sometimes called a mediated-access model.

21
Q
  1. In practice, many modern operating systems break memory into only two segments. Explain them.
A

One for system-level access (rings 0 through 2), often called kernel mode, supervisory mode or privileged mode, and one for user-level programs and applications (ring 3), often called user mode.

22
Q
  1. Explain the ring model from a security standpoint
A

The ring model enables an operating system to protect and insulate itself from users and applications.

It also permits the enforcement of strict boundaries between highly privileged operating system components (such as the kernel) and less privileged parts of the operating system (such as other parts of the operating system, plus drivers and utilities). Within this model, direct access to specific resources is possible only within certain rings; likewise, certain operations (such as process switching, termination, and scheduling) are allowed only within certain rings.

23
Q
  1. Define Process states
A

Process states are the various forms of execution in which a process may run. They are also known as operating states.

24
Q
  1. From a security standpoint, the ring model does what?
A

The ring model enables an operating system to protect and insulate itself from users and applications. It also permits the enforcement of strict boundaries between highly privileged operating system components and less privileged parts of the operating system.

25
Q
A
26
Q
  1. Explain system call
A

A system call is the invocation of a specific system or programming interface designed to pass the request to an inner ring for service.

27
Q
  1. An operating system can be in one of 2 modes. Name them:
A

a. supervisor mode b. user mode.

28
Q
  1. Define supervisor state
A

Supervisor state occurs when it operates in a privileged, all-access mode.

29
Q
  1. Define user mode
A

In user mode, privilege is low and all access requests must be checked against credentials for authorization before they are granted or denied.

30
Q
  1. Define ready state
A

In ready state, a process is ready to resume or begin processing as soon as it is scheduled for execution.

31
Q
  1. Define waiting state
A

The waiting state, also described as waiting for a resource, involves a process that is ready for continued execution but is waiting for a device or access request to be serviced before it can continue processing.

32
Q
  1. Explain Running
A

The running process executes on the CPU and keeps going until it finishes, its time slice expires, or it is blocked for some reason.

33
Q
  1. Explain supervisory state
A

The following occur in supervisory state:

  1. System configuration
  2. Installing device drivers
  3. Modifying security settings

Any function not occurring in user mode (ring 3) or problem state occurs in supervisory mode.
34
Q
  1. Explain stopped state
A

When a process finishes or is terminated, it goes into a stopped state. At this point, the operating system can recover all memory and other resources allocated to the process and reuse them for other processes as needed.

35
Q

Explain the 3 user requirements for dedicated mode systems

A

Each user must have a security clearance that permits access to all information processed by the system.

Each user must have access approval for all information processed by the system.

Each user must have a valid need to know for all information processed by the system.

36
Q
  1. Explain the 3 user requirements for system high mode systems
A

Each user must have a security clearance that permits access to all information processed by the system.

Each user must have a valid need to know some information processed by the system.

Each user must have access approval for some information processed by the system but not necessarily all information processed by the system.

37
Q
  1. Explain the 3 user requirements for compartmented mode systems
A

Each user must have a valid security clearance that permits access to all information processed by the system.

Each user must have access approval for any information they will have access to on the system.

Each user must have a valid need to know for all information they will have access to on the system.

38
Q
  1. Explain Compartmented Mode Workstations (CMW)
A

In compartmented mode workstations (CMWs), users with the necessary clearances can process multiple compartments of data at the same time.

39
Q
  1. Explain multilevel mode
A

Some users do not have a valid security clearance for all information processed by the system. Thus, access is controlled by whether the subject’s clearance level dominates the object’s sensitivity label.

Each user must have access approval for all information they will have access to on the system.

Each user must have a valid need to know for all information they will have access to on the system.

Multilevel mode is also known as controlled security mode.
PDMCL means the ability to process data from multiple clearance levels.

40
Q

Define user mode:

A
  1. User mode is the basic mode used by the CPU when executing user applications.
41
Q

Explain user mode

A
  1. User mode protects the system and data from malicious users who might try to execute instructions to circumvent the security measures put in place, or who might mistakenly perform actions that could result in unauthorized access or damage to the system or valuable information assets.
42
Q

Often processes within user mode are executed within a controlled environment called …..

A

virtual machine

43
Q

Explain virtual machine

A

This is a simulated environment created by the OS to provide a safe and efficient place for programs to execute. It is the responsibility of elements in privileged mode (kernel mode) to create and support VMs and prevent processes in one VM from interfering with processes in other VMs.

44
Q

Define Privileged Mode

A
  1. Privileged mode is supported by CPUs and is designed to give the OS access to the full range of instructions supported by the CPU. This mode is also known as kernel mode, supervisory mode, system mode, privilege mode.

A well-designed OS does not let any user application execute in privileged mode, for both security and system integrity purposes.

45
Q

What is memory?

A

This is the storage bank for information that the computer needs to keep readily available.

46
Q

Explain Read Only Memory (ROM)

A
  1. The content of ROM cannot be changed. It contains bootstrap information that computers use to start up prior to loading an OS from disk. ROM cannot be modified.
47
Q

Explain PROM Programmable Read Only Memory

A
  1. Programmable Read Only Memory can be altered by administrators up to a certain extent. During the manufacturing process, the PROM chip’s contents are not burned in; instead, the end user burns in the chip’s contents later, and it then functions like ROM. PROM chips provide software developers with an opportunity to store information permanently on a high-speed, customized memory chip. PROMs are commonly used for hardware applications where some custom functionality is necessary but seldom changes once programmed.
48
Q

Define Erasable Programmable Read-Only Memory (EPROM)

A
  1. Erasable Programmable Read-Only Memory (EPROM): this combines the high cost of PROM chips and the software developer’s inevitable desire to tinker with their code once it is written.
49
Q

List the 2 main sub categories of EPROM

A

UVEPROM and EEPROM