Quiz 10

Question 1

What does the principle of economy of mechanism states?

Security mechanisms should have limited monetary cost

Security should only be deployed if absolutely necessary

Security mechanisms should be as simple as possible (as long as they get the job done)

This principle does not exist

Answer 1

Security mechanisms should be as simple as possible (as long as they get the job done)

Question 2

What are the security-related goals typically considered in OS design?

Answer 2

Integrity, Availability, Confidentiality

Question 3

What does the principle of least privilege states?

An OS should only define two users, and administrator and a regular user

No file in storage should be executable

A user password should not be longer than 16 characters

A process should only receive the minimum privileges necessary to perform its actions

Answer 3

A process should only receive the minimum privileges necessary to perform its actions

Question 4

An OS may decide if a process is allowed to perform a certain action based on a security policy

Answer 4

True

Question 5

Match authentication concepts to their definition

____
A computing entity performing a request for access on behalf of another party

____
A party (typically a human) that can request access to resources

1. Principal
2. Agent

Answer 5

__2__
A computing entity performing a request for access on behalf of another party

__1__
A party (typically a human) that can request access to resources

Question 6

Passwords are examples of authentication based on “what you are”

True
False

Answer 6

False

Question 7

The “non-repudation” property means that if someone performs an action, they cannot deny that that action was performed

(True or False)

Answer 7

True

Question 8

What is a false positive in the context of biometric authentication?

Determining that the user fingerprint has changed

Needlessly requiring 2-factor authentication

Refusing to let the right user into the system

Letting the wrong user into the system

Answer 8

Letting the wrong user into the system

Question 9

Which I/O approach is more common in modern hardware peripherals?

Virtual address translation

Memory-mapped I/O

I/O using dedicated hardware instructions

Scheduled I/O

Answer 9

Memory-mapped I/O

Question 10

What’s the role of a driver?

Enable the OS to interface with an hardware peripheral

Enable an hardware peripheral to communicate with the user

Enable user-space processes to interface with the OS

Enable user-space processes to interface with an hardware peripheral

Answer 10

Enable the OS to interface with an hardware peripheral

Question 11

in and out X86 instructions allow to perform input/output using a dedicated I/O address space. (True or False)

Answer 11

True

Question 12

The majority of code in modern OS’es is found in device drivers

True
False

Answer 12

True

Question 13

Interrupt-based I/O is always preferable to polling-based I/O

True
False

Answer 13

False

Question 14

Match the I/O strategy with the correct description

____
Repeatedly check whether I/O events have occurred

____
Asynchronously get notified when I/O events occur

1. Polling-based I/O
2. Interrupt-driven I/O

Answer 14

__1__
Repeatedly check whether I/O events have occurred

__2__
Asynchronously get notified when I/O events occur

Question 15

Select all facts that apply to DMA

DMA is only used for GPUs

DMA allows I/O data to be moved between devices and memory with limited CPU involvement

DMA stands for Direct Mapping Access

DMA requires a dedicated controller

Answer 15

DMA allows I/O data to be moved between devices and memory with limited CPU involvement

DMA requires a dedicated controller