Module 1 - 04-2

Question 1

What is the job of an OS?

Answer 1

To help other computer programs run efficiently.

The OS does this by taking care of all the messy details related to controlling, the computer’s hardware

Question 2

Explain the process of turning on a computer

Answer 2

• When you press the power button, you’re interacting with the hardware.
• This boots the computer and brings up the operating system.
• Booting the computer means that a special microchip called a BIOS is activated. On many computers built after 2007, the chip was replaced by the UEFI. Both BIOS and UEFI contain booting instructions that are responsible for loading a special program called the bootloader.
• Then, the bootloader is responsible for starting the operating system. Just like that, your computer is on.

Vulnerabilities can occur in something like a booting process.
Often, the BIOS is not scanned by the antivirus software, so it can be vulnerable to malware infection.

Question 3

What doe CPU stand for?

Answer 3

Central Processing Unit (CPU)

Question 4

How do applications and hardware communicate?

• Operating systems regularly monitor applications and hardware to determine if any common information should be shared between them.
• Applications and hardware communicate directly, and the operating system interprets this communication to translate it to the user.
• Applications send requests to the operating system, and the operating system directs those requests to the hardware.
• Applications send requests directly to the hardware, and the hardware sends back a response through the operating system.

Answer 4

Applications send requests to the operating system, and the operating system directs those requests to the hardware.

Applications send requests to the operating system, and the operating system directs those requests to the hardware. The hardware also sends information back to the operating system, and the operating system sends it back to applications.

Question 5

What does BIOS stand for?

Answer 5

Basic Input/Output System (BIOS)

Question 6

Define BIOS

Answer 6

A microchip that contains loading instructions for the computer and is prevalent in older systems

Question 7

What does UEFI stand for?

Answer 7

Unified Extensible Firmware Interface (UEFI)

Question 8

Define UEFI

Answer 8

A microchip that contains loading instructions for the computer and replaces BIOS on more modern systems

Question 9

What are the functions of the BIOS and UEFI?

Answer 9

The BIOS and UEFI chips both perform the same function for booting the computer

UEFI provides enhanced security features

The BIOS or UEFI microchips contain a variety of loading instructions for the computer to follow.
For example, one of the loading instructions is to verify the health of the computer’s hardware.

The last instruction from the BIOS or UEFI activates the bootloader.
The bootloader is A software program that boots the operating system.
Once the operating system has finished booting, your computer is ready for use.

Question 10

Define Bootloader

Answer 10

A software program that boots the operating system

Question 11

How many processes are there in completing a task on a computer?

Answer 11

Four (4)

Question 12

What components are part of the four-part process of completing a task on a computer?

Answer 12

• User
• Application
• Operating System
• Hardware

Question 13

What is the first (1st) part of the process of completing a task on a computer?

Answer 13

User

The user initiates the process by having something they want to accomplish on the computer

Question 14

What is the second (2nd) part of the process of completing a task on a computer?

Answer 14

Application

The application is the software program that users interact with to complete a task

Question 15

What is the third (3rd) part of the process of completing a task on a computer?

Answer 15

Operating System

The operating system receives the user’s request from the application.
It’s the operating system’s job to interpret the request and direct its flow.
In order to complete the task, the operating system sends it on to applicable components of the hardware.

Question 16

What is the fourth (4th) part of the process of completing a task on a computer?

Answer 16

Hardware

The hardware is where all the processing is done to complete the tasks initiated by the user.
After the work is done by the hardware, it sends the output back through the operating system to the application so that it can display the results to the user.

Question 17

What are the steps involved in booting a computer?

Answer 17

Step 1: The user powers on the computer.

Step 2: BIOS or UEFI loads the bootloader.

Step 3: The bootloader program loads the OS.

Question 18

What are the steps involved in saving a file?

Answer 18

Step 1: User opens a word processing application and types a document.

Step 2: When the user saves the document, the application communicates with the OS.

Step 3: OS saves the file to a hardware component called the hard drive.

Step 4: Hard drive confirms file was saved, communicates this to OS. OS indicates this within the application.

Question 19

What is another task that the OS is responsible for?

Answer 19

It is responsible for managing the resources of the system (resource allocation).
This is a big task that requires a lot of balance to make sure all the resources of the computer are used efficiently.
Think of this like the concept of energy.
Energy is needed to complete different tasks.
Some tasks need more energy, while others require less.
A computer’s OS also needs to make sure that it has enough energy to function correctly for certain tasks.
Running an antivirus scan on your computer will use more energy than using the calculator application.

As an analyst, it’s helpful to know where a system’s resources are used. Understanding usage of resources can help you respond to an incident and troubleshoot applications in the system.

Question 20

Why is it necessary for the OS to handle resource and memory management?

• To increase the capacity of the computer system so more applications can be run
• To most efficiently respond to cybersecurity incidents
• To ensure the limited capacity of the computer system is used where it is needed most
• To track the computer system’s activity and provide users with memory and task management information

Answer 20

To ensure the limited capacity of the computer system is used where it is needed most

The OS handles resource and memory management to ensure the limited capacity of the computer system is used where it is needed most.

Question 21

What does the Task Manager do?

Answer 21

It will list all of the tasks that are being processed, along with their memory and CPU usage

Question 22

What does VM stand for?

Answer 22

Virtual Machine (VM)

Question 23

Define VM

Answer 23

A virtual version of a physical computer.

Virtual machines are one example of virtualization.

Question 24

Define Virtualization

Answer 24

The process of using software to create virtual representations of various physical machines.

Question 25

Define Virtual

Answer 25

The term “virtual” refers to machines that don’t exist physically, but operate like they do because their software simulates physical hardware.

Virtual systems don’t use dedicated physical hardware.
This means that a single virtual machine has a virtual CPU, virtual storage, and other virtual hardware.
Virtual systems are just code.

You can run multiple virtual machines using the physical hardware of a single computer.
This involves dividing the resources of the host computer to be shared across all physical and virtual components.

Question 26

What does RAM stand for?

Answer 26

Random Access Memory (RAM)

Question 27

Define RAM

Answer 27

A hardware component used for short-term memory

Question 28

Explain the Benefits of Virtual Machines regarding Security

Answer 28

One benefit is that virtualization can provide an isolated environment, or a sandbox, on the physical host machine.
When a computer has multiple virtual machines, these virtual machines are “guests” of the computer.
They are isolated from the host computer and other guest virtual machines.
This provides a layer of security, because virtual machines can be kept separate from the other systems.
A security professional could also intentionally place malware on a virtual machine to examine it in a more secure environment.

Note: Although using virtual machines is useful when investigating potentially infected machines or running malware in a constrained environment, there are still some risks.
For example, a malicious program can escape virtualization and access the host machine. This is why you should never completely trust virtualized systems.

Question 29

Explain the Benefits of Virtual Machines regarding Efficiency

Answer 29

Using virtual machines can also be an efficient and convenient way to perform security tasks.
You can open multiple virtual machines at once and switch easily between them.
This allows you to streamline security tasks, such as testing and exploring various applications.
Many virtual machines can be hosted on the same physical machine.
That way, separate physical machines aren’t needed to perform certain tasks.

Question 30

How are Virtual Machines Managed

Answer 30

Virtual machines can be managed with a software called a hypervisor.
Hypervisors help users manage multiple virtual machines and connect the virtual and physical hardware.
Hypervisors also help with allocating the shared resources of the physical host machine to one or more virtual machines.

One hypervisor that is useful for you to be familiar with is the Kernel-based Virtual Machine (KVM).
KVM is An open-source hypervisor that is supported by most major Linux distributions.
It is built into the Linux kernel, which means it can be used to create virtual machines on any machine running a Linux operating system without the need for additional software.

Question 31

What does KVM stand for?

Answer 31

Kernel-based Virtual Machine (KVM)

Question 32

Define KVM

Answer 32

An open-source hypervisor that is supported by most major Linux distributions

Question 33

What are other forms of virtualization?

Answer 33

In addition to virtual machines, there are other forms of virtualization.
Some of these virtualization technologies do not use operating systems.

For example, multiple virtual servers can be created from a single physical server.
Virtual networks can also be created to more efficiently use the hardware of a physical network.

Question 34

What is the job of a computer’s operating system?

• Turn on the computer
• Allow users to specify tasks
• Help other computer programs run efficiently
• Load the bootloader

Answer 34

Help other computer programs run efficiently

The job of a computer operating system is to help make other computer programs run efficiently. It does this by managing the details related to controlling computer hardware

Question 35

In order to carry out tasks on a computer, users directly interact with _____.

• the BIOS
• applications
• task managers
• the CPU

Answer 35

applications

Users interact with applications in order to carry out tasks on a computer. Applications are programs that perform a specific task.

Question 36

The management of a computer’s resources and memory is handled by an application.

True
False

Answer 36

False

The management of a computer’s resources and memory is handled by its operating system. The operating system ensures the limited capacity of the computer system is used where it’s needed most.

Question 37

Which of the following processes are part of starting an operating system? Select all that apply.

• The bootloader starts the operating system.
• Either the BIOS or UEFI microchip is activated when a user turns on a computer.
• The bootloader immediately launches when a user turns on a computer.
• The BIOS or UEFI microchip loads the bootloader.

Answer 37

• The bootloader starts the operating system.
• Either the BIOS or UEFI microchip is activated when a user turns on a computer.
• The BIOS or UEFI microchip loads the bootloader.

Either the BIOS or UEFI microchip is activated when a user turns on a computer. The BIOS or UEFI microchip loads the bootloader, and the bootloader starts the operating system.