Day 1 Mod 5 Flashcards
Communication paths between the OS and devices are made possible through special programs called what?
Device drivers
Any hardware component or peripheral device that is attached to a computer is known as
A device
This is an executing instance of an application
A process
A singular named resource used for storing information or data
File
The OS interfaces with data on the hard drive through this, it defines the way data is named, stored, organized, and accessed on the hard drive. Like a file cabinet Drawer=disk volume Folder =directory Papers=files
File system
What does an operating system control and what four things does it provide a means of interacting with? U A S H
controls nearly all functions of a computer
Provides a means of interacting with users system software applications and Hardware
Every OS performs at least three core functions what are they
F
P
D
File system management
Process Management
Device management
This is the mechanical, magnetic, electronic, and electrical components of a computer
Hardware
This allows the user to interface with applications, system software, and Hardware
OS interface
The heart of the OS, manages interaction between layers.
OS kernel
System software, also known as the OS can be divided into two parts. What are they?
OS interface
OS kernel
Another name for executable code designed to carry out specific tasks on the computer, also known as programs or software.
Application
What are the OS interfaces a user interacts with?
GUI graphical user interface
CLI command line interface
Has only one user and can perform a task at any given time
Single user single-tasking
Only one user can perform multiple tasks at a time
Single user multitasking
One or more users can perform one or more tasks each at one time. Unix or Windows based
Multi user
Operates in a networked environment allowing a user to connect to another computer or server to retrieve information. Unix or Windows based
Client
provides various services including email file sharing and printer access as well as ensuring security to other computers or clients across a network. Email server web server print server
Server
One or more tasks are spread among two or more computers a cluster of machines like google. Com
Distributed
Every OS has inherent vulnerabilities posing risks that must be acknowledged and managed by what is known as?
Information assurance IA
Information assurance or IA incorporates five risk management measures or techniques what are they? C I A N A
Confidentiality Integrity Availability Non-repudiation Authentication
Assurance that information is not disclosed to unauthorized individuals, processes, or devices.
Need to know
Confidentiality
Assurance that no unauthorized modification or destruction of information occurred.
Trust
Integrity
Assurance of reliable access to data and services for authorized users.
Availability
Assurance that data delivery is proven to be from a reliable source.
Can’t deny
Non-repudiation
Assurance of properly verifying a user’s credentials.
Authentication
This ensures users are properly identified using account credentials such as.
Username and or password
Card or token
Biometrics
Authentication
Once a user is authenticated, os's provide mechanisms to ensure data may only be accessed by authorized users. There are four mechanisms to accomplish this what are they? P A L B
Privileged versus non-privileged
Access Control
Logging
Backups
The IA availability measure implements this principle, where non-privileged user accounts are only granted access to what is authorized.
Principle of least privilege
OSS provide this type of user account with full access and this other type of user account with limited access what are the accesses called?
Privileged and non-privileged
This is a mechanism for controlling access to system resources thereby ensuring resource availability.
Access Control
The three most common forms of Access Control are?
D
M
R
DAC discretionary Access Control
Mac mandatory Access Control
Rbac role-based Access Control
Commonly referred to as permissions and is implemented using access control list or ACL will list account permissions to a specific resource.
User-controlled permissions
DAC discretionary Access Control
Os’s enforce the system security policy using security labels for example need to know what type of act access control is this.
Mac mandatory Access Control
Access decisions are based on each accounts roll or functional position this is used for processes not files. What type of Access Control is it?
Rbac role-based Access
Os’s provide these capabilities to ensure the confidentiality and integrity aspects of IA are attainable.
Logging capabilities
This is a record of system or user activities that can contain events generated either locally or from a remote system and can be stored locally however some os’s provide the ability to consolidate them all in a centralized Repository.
Log files
This mechanism ensures system restoration after data loss, performing it supports is a integrity and availability measures.
Backups
This provides a consistent and reliable platform that is easy to use and is chosen by many popular application programs they are the most widely used in the world today and can be utilized in office and home environments although they are a Mainstay in both Commercial and Military organizations.
Windows
On this OS it is the process of determining whether someone is in fact who they declare to be.
Windows Authentication
Windows uses three main types of user accounts what are they?
B
L
D
Built-in
Local
Domain
This account type is created automatically when the OS is installed and consists of two types of accounts.
Administrator which is the user account with the highest level of Privileges and permissions this account cannot be deleted.
Yest, intended for temporary access when an individual user account does not exist they are greatly limited and do not require a password to access the system, cannot be deleted as well.
Built-in
Account authenticated by the local machine. Local account credentials are maintained in a local database.
Local
Local account credentials are maintained in a local database called?
Sam security accounts manager
Account authenticated by a domain controller.
Domain
This is a centralized server in a Windows Network that stores domain account credentials in a database called active directory. Authenticates accounts.
Domain controller
Information that is maintained by a centralized database is known as?
An Active directory
In this model each Windows system is considered stand alone with regards to Authentication. when are user attempts to login with a local account the computer communicates with its local Sam for Authentication.
Workgroup model
This model is a collection of computers sharing common configurations, resources, and security principles. Its information is maintained by a centralized database known as an active directory.
Domain model
Windows uses this type of structure in which all directories and files fall under a disk volumes root directory.
Hierarchical directory structure
This contains a subdirectory for each user that has logged on to the system.
Documents and settings folder
These are a collection of folders containing user personal data and preferences.
Subdirectories
When a user logs onto a system for the first time and or does not have a profile, the settings contained in this profile are used to create the user’s profile.
Default user profile
This profile is used add settings and programs that affect all users that log on to the system.
All users profile
This file folder contains folders and files of installed third-party software.
Program files folder
This folder contains all the OS files.
System root folder
This directory contains most of the built-in Windows system files, programs, and commands.
System32 directory
These are defined as any characteristic of a file or directory. These are also on and off type features.
Attributes
These may have varying values for example name, size, times, dates.
Properties
Name the five examples of file directory attributes. A R C H E S
Archive Read only Compression Hidden Encryption System
This attribute allows backup programs to know which files to backup.
Archive
This attribute protects the file from being overwritten or modified.
Read only
Attribute for a Compressed file or directory NTFS only
Compression
Attribute that hides from standard directory list listings and common users.
Hidden
Attribute type for a Encrypted file or directory NTFS only
Encryption
This attribute gives General protection from common user access.
System
Mechanism by which a system security identifies a user.
Authentication
Mechanism by which a system determines the level of access a user has two system resources.
Authorization
This file system provides the capability of assigning file and directory permissions using discretionary Access Control list or dacl
New technology file system NTFS
This permission allows for viewing and listing of files and subfolders, permits viewing of file contents, and is static and does not change.
Read
This permission allows adding a files and subfolders, and permits writing to a file.
Write
this permission permits viewing and listing of files and subfolders as well as file execution; inherited by files and folders, and permits viewing file contents and file execution.
Read and execute
This permission permits viewing a listing of files and subfolders; inherited by folders only and means nothing for files.
List folder contents
This permission allows for reading and writing a files and subfolders, allows deletion of the folder, and permits reading and writing of the file. Also allows deletion of the file and cannot change permissions.
Modify
This permission allows for Reading, Writing, changing app permissions, and deleting of files and subfolders. It also permits Reading Writing changing of permissions and deleting of the file.
Full control
This is implemented on directories not files and is accessed from over a network via this directory.
Shared directory, only folders can be shared not files and when access locally these rules have no impact on the directory.
