Domain 3: Security Architecture and Engineering Flashcards

Question

Closed vs. open systems

Answer 1

A closed system is often proprietary to the manufacturer or vendor, whereas an open system allows for more interoperability.

Answer 2

The Common Criteria was developed to provide globally recognized evaluation criteria.

Answer 3

The Common Criteria uses: * Protection profiles * Security targets * Ratings (EAL1 to EAL7) to provide assurance ratings for targets of evaluation (TOEs).

Answer 4

Certification is the technical evaluation of a system or product and its security components. Accreditation is management’s formal approval and acceptance of the security provided by a system.

Answer 5

ISO/IEC 15408 is the international standard that is used as the basis for the evaluation of security properties of products under the CC framework.

Answer 6

Process isolation ensures that multiple processes can run concurrently and the processes will not interfere with each other or affect each other’s memory segments.

Answer 7

TOC/TOU stands for time-of-check/time-of-use. This is a class of asynchronous attacks.

Answer 8

A distributed system is a system in which multiple computing nodes, interconnected by a network, exchange information for the accomplishment of collective tasks.

Answer 9

Cloud computing is the use of shared, remote computing devices for the purpose of providing improved efficiencies, performance, reliability, scalability, and security.

Answer 10

Software as a Service (SaaS) is a cloud computing model that provides users access to a specific application that executes on the service provider’s environment.

Answer 11

Platform as a Service (PaaS) is a cloud computing model that provides users access to a computing platform that is typically built on a server operating system, but not the virtual machine on which it runs.

Answer 12

Infrastructure as a Service (IaaS) is a cloud computing model that provides users unfettered access to a cloud device, such as an instance of a server, which includes both the operating system and the virtual machine on which it runs.

Answer 13

Parallel computing is the simultaneous use of multiple computers to solve a specific task by dividing it among the available computers.

Answer 14

Any system in which computers and physical devices collaborate via the exchange of inputs and outputs to accomplish a task or objective is a cyber-physical system.

Answer 15

Cryptography is the science of protecting information by encoding it into an unreadable format.

Answer 16

The most famous rotor encryption machine is the Enigma used by the Germans in World War II.

Answer 17

A readable message is in a form called plaintext, and once it is encrypted, it is in a form called ciphertext.

Answer 18

Cryptographic algorithms are the mathematical rules that dictate the functions of enciphering and deciphering.

Answer 19

Cryptanalysis is the study of breaking cryptosystems.

Answer 20

Nonrepudiation is a service that ensures the sender cannot later falsely deny sending a message.

Answer 21

Key clustering is an instance in which two different keys generate the same ciphertext from the same plaintext.

Answer 22

The range of possible keys is referred to as the keyspace. A larger keyspace and the full use of the keyspace allow for more random keys to be created. This provides more protection.

Answer 23

The two basic types of encryption mechanisms used in symmetric ciphers are **substitution** and **transposition**. Substitution ciphers change a character (or bit) out for another, while transposition ciphers scramble the characters (or bits).

Answer 24

A polyalphabetic cipher uses more than one alphabet to defeat frequency analysis.

Answer 25

Steganography is a method of hiding data within another media type, such as a graphic, WAV file, or document. This method is used to hide the existence of the data.

Answer 26

A key is a random string of bits inserted into an encryption algorithm. The result determines what encryption functions will be carried out on a message and in what order. Many algorithms are publicly known, so the secret part of the process is the key. The key provides the necessary randomization to encryption.

Answer 27

In symmetric key algorithms, the sender and receiver use the same key for encryption and decryption purposes.

Answer 28

In asymmetric key algorithms, the sender and receiver use different keys for encryption and decryption purposes.

Answer 29

Symmetric key processes provide barriers of secure key distribution and scalability. However, symmetric key algorithms perform much faster than asymmetric key algorithms. Symmetric key algorithms can provide confidentiality, but not authentication or nonrepudiation.

Answer 30

Examples of symmetric key algorithms include * DES * 3DES * Blowfish * IDEA * RC4 * RC5 * RC6 * AES.

Answer 31

Asymmetric algorithms are used to encrypt keys, and symmetric algorithms are used to encrypt bulk data.

Answer 32

Asymmetric key algorithms are much slower than symmetric key algorithms, but can provide authentication and nonrepudiation services.

Answer 33

Examples of asymmetric key algorithms include: * RSA * ECC * Diffie-Hellman * El Gamal * Knapsack * DSA.

Answer 34

Two main types of symmetric algorithms are **stream ciphers** and **block ciphers**. Stream ciphers use a keystream generator and encrypt a message one bit at a time. A block cipher divides the message into groups of bits and encrypts them.

Answer 35

Data Encryption Standard (DES) is a block cipher that divides a message into 64-bit blocks and employs S-box-type functions on them.

Answer 36

Because technology has allowed the DES keyspace to be successfully broken, Triple-DES (3DES) was developed to be used instead. 3DES uses 48 rounds of computation and up to three different keys.

Answer 37

International Data Encryption Algorithm (IDEA) is a symmetric block cipher with a key of 128 bits.

Answer 38

RSA is an asymmetric algorithm developed by Rivest, Shamir, and Adleman and is the de facto standard for digital signatures.

Answer 39

Elliptic curve cryptosystems (ECCs) are used as asymmetric algorithms and can provide: * Digital signature * Secure key distribution * Encryption functionality They use fewer resources, which makes them better for wireless device and cell phone encryption use.

Answer 40

When symmetric and asymmetric key algorithms are used together, this is called a hybrid system. The asymmetric algorithm encrypts the symmetric key, and the symmetric key encrypts the data.

Answer 41

A session key is a symmetric key used by the sender and receiver of messages for encryption and decryption purposes. The session key is only good while that communication session is active and then it is destroyed.

Answer 42

A public key infrastructure (PKI) is a framework of programs, procedures, communication protocols, and public key cryptography that enables a diverse group of individuals to communicate securely.

Answer 43

A certificate authority (CA) is a trusted third party that generates and maintains user certificates, which hold their public keys.

Answer 44

The CA uses a certification revocation list (CRL) to keep track of revoked certificates.

Answer 45

A certificate is the mechanism the CA uses to associate a public key to a person’s identity.

Answer 46

A registration authority (RA) validates the user’s identity and then sends the request for a certificate to the CA. The RA cannot generate certificates.

Answer 47

A one-way function is a mathematical function that is easier to compute in one direction than in the opposite direction.

Answer 48

RSA is based on a one-way function that factors large numbers into prime numbers. Only the private key knows how to use the trapdoor and how to decrypt messages that were encrypted with the corresponding public key.

Answer 49

Hashing algorithms provide data integrity only.

Answer 50

When a hash algorithm is applied to a message, it produces a message digest, and this value is signed with a private key to produce a digital signature.

Answer 51

Some examples of hashing algorithms include: * SHA-1 * SHA-2 * SHA-3 * MD4 * MD5

Answer 52

SHA produces a 160-bit hash value and is used in DSS.

Answer 53

A birthday attack is an attack on hashing functions through brute force. The attacker tries to **create two messages with the same hashing value**.

Answer 54

A one-time pad uses a pad with random values that are XORed against the message to produce ciphertext. The pad is at least as long as the message itself and is used once and then discarded.

Answer 55

A digital signature is the result of a user signing a hash value with a private key. It provides authentication, data integrity, and nonrepudiation. The act of signing is the actual encryption of the value with the private key.

Answer 56

Examples of algorithms used for digital signatures include: * RSA * El Gamal * ECDSA * DSA

Answer 57

Key management is one of the most challenging pieces of cryptography. It pertains to: * Creating * Maintaining * Distributing * Destroying cryptographic keys

Answer 58

Crime Prevention Through Environmental Design (CPTED) combines the physical environment and sociology issues that surround it to reduce crime rates and the fear of crime. CPTED provides three main strategies, which are: * Natural access control * Natural surveillance * Natural territorial reinforcement

Answer 59

The value of property within the facility and the value of the facility itself need to be ascertained to determine the proper budget for physical security so that security controls are cost effective.

Answer 60

When looking at locations for a facility, consider: * Local crime * Natural disaster possibilities * Distance to hospitals, police and fire stations, airports, and railroads.

Answer 61

Exterior fencing can be costly and unsightly, but can provide crowd control and help control access to the facility.

Answer 62

If interior partitions do not go all the way up to the true ceiling, an intruder can remove a ceiling tile and climb over the partition into a critical portion of the facility.

Answer 63

The primary power source is what is used in day-to-day operations, and the alternative power source is a backup in case the primary source fails.

Answer 64

Smoke detectors should be located on and above suspended ceilings, below raised floors, and in air ducts to provide maximum fire detection.

Answer 65

A fire needs: * High temperatures * Oxygen * Fuel To suppress it, one or more of those items needs to be reduced or eliminated.

Answer 66

Gases like FM-200 and other halon substitutes interfere with the chemical reaction of a fire.

Answer 67

Portable fire extinguishers should be located within 50 feet of electrical equipment and should be inspected quarterly.

Answer 68

CO2 is a colorless, odorless, and potentially lethal substance because it removes the oxygen from the air in order to suppress fires.

Answer 69

Window types that should be understood are: * Standard * Tempered * Acrylic * Wired * Laminated

Answer 70

Process isolation is a technique designed to control the interaction between different executing processes within a computer. Process isolation is a critical component of the security model of a computer operating system. It ensures that processes do not conflict with one another, communicate in an insecure manner, or negatively affect each other.

Answer 71

A reference monitor is an abstract machine that mediates all access subjects have to objects. This both ensures that the subjects have the necessary access rights, and to protect the objects from unauthorized access and destructive modification.

Answer 72

* Confidentiality * Integrity * Authentication * Authorization * Nonrepudiation Cryptoservices can provide the following services: * Confidentiality to render the information unintelligible except to authorized entities. * Integrity to ensure that data has not been altered in an unauthorized manner, because it was created, transmitted, and stored properly. * Authentication to verify the identity of the user or system that created and/or sent the information. * Authorization, which, upon proving someone’s identity, provides an individual with the key or password that enables access to some resource. * Nonrepudiation, which ensures that the sender cannot deny sending the message

Answer 73

Public key cryptography is the use of an asymmetric algorithm. Public Key Infrastructure (PKI) is not an algorithm, a protocol, or an application; it is the implementation of the requirements for creating and distributing digital certificates, a common application of public key cryptography. Public key cryptography is another name for asymmetric cryptography. Examples of asymmetric algorithms are: * RSA * Elliptic curve cryptosystem (ECC) * Diffie-Hellman * El Gamal * LUC * Knapsack These algorithms create public/private key pairs, perform key exchange or agreement, and generate and verify digital signatures. Public key infrastructure (PKI) is an arrangement that simplifies the use of public key cryptography.

Answer 74

A ring architecture is a hierarchical model in which concentric rings provide strict boundaries for what processes will work and which operations can be executed within them. Operating systems vary in the number of protection rings they use, but for all, the numbers increase and trust decreases as you move toward the outer bounds of the model. Processes in the innermost rings are the most privileged or trusted and allow the most direct access with the central processor or hardware. These exist in a privileged or supervisor mode. Processes in the outermost rings are the least privileged and allow the least direct access to the central processor or hardware. These processes execute in user mode.

Answer 75

The client. After a server authenticates to a client, when setting up an SSL connection, the client creates a session key that will be used by both the client and the server for bulk encryption. The client encrypts the session key with the server’s public key and sends it. Only the server can decrypt it, because only the server is supposed to have the corresponding private key.

Answer 76

ECC (Elliptic Curve Cryptosystem) ECC provides services similar to the RSA algorithm, but requires much less processing power. Thus, it is an ideal choice for cell phone and small wireless electronic devices. ECC’s mathematics are much more simple compared to other asymmetric algorithms, thus it uses less resources. It is being used more and more in devices with a smaller amount of processing resources.

Answer 77

* Scalar processor: A single processor that executes one instruction at a time. Typically operates on one or two data items at a time. * Superscalar processor: A single processor that enables concurrent execution of multiple instructions. Typically operates on more data items simultaneously.

Answer 78

The Brewer-Nash model allows for dynamically changing access controls that protect against conflicts of interest. The Brewer-Nash model is also known as the Chinese wall model. The Brewer-Nash model is another information flow model. No information can flow between subjects and objects in a way that would result in a conflict of interest. The model states that a subject can write to an object if, and only if, the subject cannot read another object that is in a different dataset.

Answer 79

The distribution of symmetric keys The Diffie-Hellman algorithm enables two systems to receive a symmetric key securely without requiring a previous relationship or prior arrangements. The algorithm enables for key distribution, but does not provide encryption or digital signature functionality. The algorithm is based on the difficulty of calculating discrete logarithms in a finite field. The Diffie-Hellman algorithm is vulnerable to a man-in-the-middle attack because no authentication occurs before public keys are exchanged.

Answer 80

* Data Encryption Standard (DES) * 3DES (Triple DES) * Blowfish * Twofish * IDEA (International Data Encryption Algorithm) * RC4 * RC5 * RC6 * AES * SAFER * Serpent

Answer 81

Secondary storage consists of various nonvolatile memory storage media, such as: * Hard drives * Jump drives * CD-ROMs When RAM utilizes secondary storage to extend memory capacity beyond what the volatile memory can hold, it is called virtual memory.

Answer 82

The Scytale cipher The Scytale cipher was employed by the Spartans in 400 B.C. and consisted of a type of paper wrapped around a wooden rod. The message to be encrypted was written lengthwise down the paper. The rod was then discarded and the paper was delivered to the intended recipient who would need to get a rod of the same diameter, rewind the paper around the new rod, and read the message. For people intercepting the paper and attempting to read the message without the proper rod, the letters would not match up; thus, it was not an understandable message.

Answer 83

Frequency analysis In every language, some letters are used more often than others. For instance, in the English language, the most commonly used letter is E. An attacker would look for the most frequently repeated pattern of the bits that make up E. It is the frequency in a specific vocabulary that allows attackers to identify frequencies in ciphertext.

Answer 84

RSA RSA is a worldwide de facto standard and can be used for digital signatures, key exchange, and encryption. The security of this algorithm comes from the difficulty of factoring large numbers into their original prime numbers. The public and private keys are functions of a pair of large prime numbers, and the necessary activity required to decrypt a message from ciphertext to plaintext using a private key is comparable to factoring a product into two prime numbers.

Answer 85

* Integrity axiom (“no write up”) * Simple integrity axiom (“no read down”) * Invocation property The Biba model is a state machine model that enforces levels of integrity that are outlined in the software’s security policy. The Biba model uses a lattice of integrity levels. If implemented and enforced properly, the Biba model prevents data from any integrity level from flowing to a higher integrity level. Biba has three main rules to provide this type of protection: * Integrity axiom: A subject cannot write data to an object at a higher integrity level. * Simple integrity axiom: A subject cannot read data from a lower integrity level. * Invocation property: A subject cannot request service (invoke) from subjects of higher integrity.

Answer 86

In an asymmetric key cryptographic operation, the sender and receiver use two different but mathematically related keys. The sender and receiver in an asymmetric key cryptographic operation use a public/private key combination. In this scheme, the message is encrypted using the public key of the key pair. The message can be decrypted using only the private key in the key pair. The public and private keys are related mathematically, and the private key cannot be derived from the public key.

Answer 87

* 1 GL: A computer’s machine language * 2 GL: An assembly language * 3 GL: FORTRAN, BASIC, PL/1, and C languages * 4 GL: Database query languages * 5 GL: Artificial intelligence languages (Prolog, LISP) that process symbols or implement predicate logic

Answer 88

In the hybrid approach, symmetric and asymmetric algorithms are used in a complementary manner, with each performing a different function. A symmetric algorithm creates keys used for encrypting bulk data, and an asymmetric algorithm creates keys used for automated key distribution. In a hybrid system, the asymmetric key is used to encrypt the symmetric key, and the symmetric key is used to encrypt the message.

Answer 89

A symmetric algorithm is one in which the same key is used to both encrypt and decrypt data. In a cryptosystem that uses symmetric cryptography, the sender and receiver use two instances of the same key for encryption and decryption. So the key has dual functionality; it can carry out both encryption and decryption processes. Symmetric keys are also called secret keys because this type of encryption relies on each user to keep the key a secret and properly protected. If an intruder were to get this key, she could decrypt any intercepted message encrypted with it.

Answer 90

A cryptovariable is another name for a key. A cryptovariable (or key) is the data used by a cryptographic algorithm to encipher plaintext or decipher encrypted data. It should remain secret between the parties exchanging the encrypted communication.

Answer 91

Data stored in volatile memory is wiped out, or lost, when the system loses power. Random access memory (RAM) is a type of volatile memory. Nonvolatile memory can persist even while the power is off and enables the storage of data in a more long-term fashion. A PC hard disk drive is an example of nonvolatile storage.

Answer 92

A one-time pad, also known as a Vernam cipher. The one-time pad is a key sequence based on random numbers used only one time and then destroyed. It has to be the same length as the data to be encrypted (typically in an exclusive OR [XOR] process) to encrypt each bit. The key values are distributed following an independent and uniform distribution over the key span. A one-time pad is a perfect encryption scheme because it is considered unbreakable if implemented properly. It was invented by Gilbert Vernam in 1917, so sometimes it is referred to as the Vernam cipher.

Answer 93

* A strong algorithm * A secret key * A lengthy key * Sound key management practices Many people think that strong cryptography only requires a strong algorithm. There are several pieces involved with cryptography—a strong algorithm is just one of the requirements. The strength of different cryptographic methods comes from the algorithm, secrecy of the key, length of the key, and the key management practices. The larger the keyspace, the more random the actual bits that make up the key can be.

Answer 94

The CPU is basically the brain of a computer. The CPU is composed of an arithmetic logic unit (ALU) that is responsible for executing arithmetic and logical instructions, an instruction register, a program counter, and other general-purpose registers. The CPU is connected to other components of the computer by buses.

Answer 95

The reduced instruction set computer (RISC) is a CPU that executes only a limited collection of instructions and usually requires fewer clock cycles to execute. The complex instruction set computer (CISC) is a more robust collection of instructions that require additional processing time.

Answer 96

* The data is protected from modification by unauthorized users. * The data is protected from unauthorized modification by authorized users. * The data is internally and externally consistent For example, the data held in a database must balance internally and must correspond to the external, real-world situation. The integrity levels are implemented by different controls depending upon the access control model being used (Biba, Clark-Wilson, etc.). The controls enforce the necessary integrity outlined by the operating system or application security policy.

Answer 97

Link encryption Link encryption will encrypt all data along a physical path between two endpoints and provides higher security and performance for the encryption services. Headers, trailers, data payload, and routing data would all be encrypted. Link encryption requires a physical link encryptor and decryptor at both ends of the physical link.

Answer 98

The security perimeter is a boundary that divides the trusted from the untrusted processes within an operating system. Processes and resources inside the security perimeter fall within the Trusted Computing Base (TCB), and anything beyond the security perimeter is inherently untrusted. For example, a resource that is within the boundary of the TCB, or security perimeter, must not allow less trusted components access to critical system resources. The processes within the TCB must also be careful about the commands and information they accept from less trusted resources. These limitations and restrictions are built into the interfaces that permit this type of communication to take place and are the mechanisms that enforce the security perimeter.

Answer 99

HMAC provides data origin authentication and data integrity. A hashed message authentication code (HMAC) is created when a symmetric key is combined with the message, and then that result is put through a hashing algorithm. The result is an HMAC value.

Answer 100

* DES-EEE3 * DES-EDE3 * DES-EEE2 * DES-EDE2 3DES uses 48 rounds in its computation, which makes it highly resistant to differential cryptanalysis; however, because of the extra work 3DES performs, there is a heavy performance hit. It can take up to three times longer than DES to perform encryption and decryption. 3DES can work in different modes, and the mode chosen dictates the number of keys used and what functions are carried out: * DES-EEE3: Uses three different keys for encryption, and the data is encrypted, encrypted, encrypted. * DES-EDE3: Uses three different keys for encryption, and the data is encrypted, decrypted, and encrypted. * DES-EEE2: The same as DES-EEE3, but uses only two keys, and the first and third encryption processes use the same key. * DES-EDE2: The same as DES-EDE3, but uses only two keys, and the first and third encryption processes use the same key.

Answer 101

Fetch and execute Each instruction execution cycle consists of a fetch and an execute operation. In the fetch phase, the CPU retrieves the instruction from memory. An instruction typically consists of an operation and operands. In the execute phase, the retrieved instruction is executed and the result is stored in the accumulator.

Answer 102

A trusted computer system is one that employs the necessary hardware and software assurance mechanisms to enable processing of multiple levels of classified or sensitive information and meeting specified requirements for reliability and security. This includes all protection mechanisms within a system that enforce the security policy and provide an environment that will behave in a manner expected of it.

Answer 103

An algorithm is a set of mathematical and logical rules that dictates how enciphering and deciphering take place. Many of the mathematical algorithms used in computer systems today are publicly known. Therefore, these algorithms require some private data, known as a key, to encipher and decipher information.

Answer 104

Steganography is a method of hiding data in another media type so the very existence of the data is concealed. Steganography is mainly accomplished by hiding messages in graphic images. This practice does not affect the graphic enough to be detected. Steganography does not use algorithms or keys to encrypt information. This is a process to hide data within another object so that no one can detect its presence.

Answer 105

* Simple security (“no read up”) * \*-property rule (“no write down”) * Strong star property rule The Bell-LaPadula model is a confidentiality model that describes the allowable information flow and formalizes the military security policy. It is the first mathematical model of a multilevel security policy that defines the concept of a secure state and necessary modes of access. Bell-LaPadula three security rules are: * The simple security rule: A subject cannot read data at a higher security level (no read up). * The \*-property rule: A subject cannot write data to an object at a lower security level (no write down). * The strong star property rule: A subject can perform read and write functions only to the objects at its same security level.

Answer 106

Cryptography is a method of storing and transmitting data in a form that only those it is intended for can read and process. The goals of cryptography and its attendant mechanism are to hide information unauthorized individuals. With enough time, resources, and motivation, hackers can break most algorithms and reveal the encoded information. So a more realistic goal of cryptography is to make obtaining the information too work-intensive or time-consuming to be worthwhile to the attacker.

Answer 107

The TCB is defined as the total combination of protection mechanisms within a computer system. The TCB includes: * hardware * software * firmware Hardware, software, and firmware are part of the TCB because the system is sure these components will enforce the security policy and not violate it.

Answer 108

Work factor is an estimate of the effort and resources it would take for an attacker to penetrate a cryptosystem. When designing an encryption method, the goal is to make compromising it prohibitively expensive or time-consuming. Work factor is another name for cryptography strength. In asymmetric algorithms, the work factor relates to the difference in time and effort that carrying out a one-way function in the easy direction takes compared to carrying out a one-way function in the hard direction.

Answer 109

A session key Most data encryption takes place through the use of symmetric keys. A static key is used over and over again because it is usually computed from a password derived by a user. Because a session key is dynamic and destroyed after it is used, it provides more protection than a static key because there is a smaller window for the bad guy to identify it.

Answer 110

Virtual memory is when a portion of secondary memory is used to emulate and extend RAM. The operating system memory manager operates by loading process data into main memory (RAM). When there is not enough space in memory to load a new process, operating systems that support virtual memory addressing can extend the addressable memory space by referencing program data that is stored in secondary memory. When a reference is made to data in the virtual address space, the memory manager removes a portion of a running process from main memory to load the portion of the requested process into main memory.

Answer 111

Clark-Wilson model enforces the three goals of integrity by using: * Access triples (subject, software, object) * Separation of duties * Auditing This model enforces integrity by using well-formed transactions (through access triples) and separation of user duties. The Clark-Wilson model dictates that subjects can only access objects through applications. This model also illustrates how to provide functionality for separation of duties and requires auditing tasks within software.

Answer 112

Plaintext is data that is readable in its current form and can be understood without further processing. Plaintext is in a form that can be understood either by a person (a document) or by a computer (executable code). When it is transformed into ciphertext, neither human nor machine can properly process it until it is decrypted.

Answer 113

* Cipher: A cryptographic transformation that operates on bytes or bits. It is another name for algorithm. * Cryptanalysis: The science of studying and breaking the secrecy of encryption process, compromising authentication schemes, and reverse-engineering algorithms and keys. * Cryptographic algorithm: A procedure that enciphers plaintext and deciphers ciphertext. * Cryptology: The study of cryptology and cryptanalysis. -A cipher is another word for an algorithm. * Cryptanalysis is an important piece of cryptography and cryptology. * Cryptographic algorithms provide the underlying tools to most security protocols used in today’s infrastructures. The algorithms work off of mathematical functions and provide various types of functionality and levels of security. * Cryptology is the practice and study of hiding information.

Answer 114

The certificate authority A certificate authority (CA) generates a digital certificate, which binds the public key to the individual or company’s identity. The CA vouches for the identification of the owner of the certificate. The digital certificate is used to authenticate individuals or companies to each other.

Answer 115

In a multiprogramming system, more than one program (or process) can be loaded into memory at the same time. Multiprogramming enables you to run your antivirus software, word processor, personal firewall, and email client application simultaneously.

Answer 116

* Cache memory * Random access memory (RAM) * Secondary memory Memory architecture is organized in layers differentiated by size, speed, and cost. Closer to the CPU, cache memory stores data and instructions used by the CPU. Random access memory (RAM) stores user and process data managed by the computer. Secondary memory stores user data, applications, and (in special circumstances) virtual address space for the memory manager.

Answer 117

In programmed I/O, the CPU manages the execution of I/O operations (secondary stage access, network access, printer access, and so on). Direct memory access (DMA) allows other subsystems to access memory independent of the CPU. The drawback of programmed I/O is that while the I/O operation is executing, the CPU cannot service another process. Direct memory access (DMA) reduces strain on the CPU.

Answer 118

The information flow model is a model in which information is restricted in its flow to only go to and from entities in a way that does not negate the security policy. In the information flow model, data is thought of as being held in individual and discrete compartments. Examples of information flow models are Bell-LaPadula and Biba. * The Bell-LaPadula model focuses on preventing information from flowing from a high security level to a low security level. * The Biba model focuses on preventing information from flowing from a low integrity level to a high integrity level.

Answer 119

The exclusive OR (XOR) process. The exclusive OR process is a Boolean operation that essentially performs binary addition without carrying on the input bits. * For two inputs that are equal, a 0 (false) is the result. * For two inputs where the values are not equal, the result is a 1 (true). Exclusive OR is usually abbreviated as XOR. It is an operation that is applied to two bits and is a function commonly used in binary mathematics and encryption methods. When combining the bits, if both values are the same, the result is 0 (1 XOR 1 = 0; 0 XOR 0 = 0). If the bits are different from each other, the result is 1 (1 XOR 0 = 1; 0 XOR 1 = 1).

Answer 120

* Substitution * Transposition (or permutation) The substitution cipher replaces bits, characters, or blocks of characters with different bits, characters, or blocks. A substitution cipher uses a key to dictate how the substitution should be carried out. The transposition cipher does not replace the original text with different text, but rather moves the original values around. It rearranges the bits, characters, or blocks of characters to hide the original meaning. The key determines the positions the values are moved to.

Answer 121

S-HTTP provides protection for each message sent between two computers, but not the actual link. HTTPS protects the communication channel. HTTPS is HTTP that uses SSL for security purposes. HTTP is a protocol that works at the application layer within the OSI model. SSL is a protocol that works at the transport layer. HTTPS is a very common combination; it is the most used protection mechanism when moving data over transmission lines for ecommerce. S-HTTP was an early attempt to secure HTTP that was never widely adopted.

Answer 122

Sequential memory gets its name because the contents are stored sequentially and must be read or retrieved sequentially, or in a linear fashion. An example of sequential memory is the use of magnetic tapes for data storage. Retrieving information requires searching from the beginning until the target data is located.

Answer 123

Random access memory (RAM) is a volatile and fast type of memory that is used closest to the processor in the computer system. Read-only memory (ROM) is nonvolatile memory that retains information even if power is removed. RAM takes the same amount of time to retrieve information from any address. ROM is typically used to load and store firmware. An example of ROM is erasable programmable read-only memory (EPROM).

Answer 124

Pipelining is the interweaving of various fetch and execute instruction cycles to allow for faster response times.

Answer 125

N(N – 1)/2 For example, if 10 people need to communicate via symmetric encryption processes, then 10(10-1)/2 or 45 keys are needed. Each pair of users who want to exchange data using symmetric key encryption must have two instances of the same key.

Answer 126

A closed system is proprietary to a specific vendor or group, and the specific operations are not disclosed. An open system has published functions and code that is verifiable by the public.

Answer 127

A trusted path is a communication channel between the user, or program, and the kernel. The Trusted Computing Base TCB provides protection resources to ensure this channel cannot be compromised in any way.

Answer 128

A multiprocessing system has more than one CPU. Multiprocessing requires an operating system capable of addressing more than one processor. Multiprocessing can be done either symmetrically, where CPU processing is doled out in a load-balancing fashion between the processors, or asymmetrically, where individual processors can be dedicated to a specific application or process.

Answer 129

Plaintext is in a form that can be understood either by a person (a document) or by a computer (executable code). After it is transformed into ciphertext, neither human nor machine can properly process it until it is decrypted. Ciphertext is a product of encryption that enables the transmission of confidential information over insecure channels without unauthorized disclosure. Plaintext is the readable version of a message. After an encryption process, the resulting text is referred to as ciphertext.

Answer 130

An operating system is the collection of applications that control the resources and operations of a computer. Operating systems perform: * Process management * Memory management * System file management * I/O management * Operation of the user interface

Answer 131

Multitasking is the capability of a computer system to carry out several different functions simultaneously. In reality, the CPU executes instructions one at a time, but it executes instructions from different processes and applications in such rapid succession that the net effect is that all the processes or applications are operating simultaneously.

Answer 132

* Block ciphers * Stream ciphers When a block cipher is used for encryption and decryption purposes, the message is divided into blocks of bits. These blocks are then put through mathematical functions, one block at a time. A stream cipher, on the other hand, does not divide a message into blocks. Instead, a stream cipher treats the message as a stream of bits and performs mathematical functions on each bit individually.