Security Flashcards
List three problems with unsecured physical access.
- Poses risks for mobile devices (smartphones & laptops).
- When people don’t secure their physical devices, they leave them open to exploitation of trusted device status.
- This makes them vulnerable to sinkhole attacks, a type of attack that capitalizes on trust between personal accounts, compromising multiple accounts and allowing access to increasing amounts of personal information.
List three categories of authentication and explain.
- Knowledge (“something you know”):
▪ Using something only an authorized user knows reduces the number of entities that can access a system.
▪ Examples: Passwords, PINs, passphrases, and security questions.
- Possession (“something you have”):
▪ The use of an object or device to verify the identity of an entity seeking access.
▪ Examples: Keys, physical access tokens, 2FA (2-Phase Authentication) using a bespoke device or a phone, access cards, and RFID tags.
- Attribute (“something you are”):
▪ Involves identifying an entity using its unique attributes, for instance, identifying a person using their face or fingerprints.
Explain a few unsafe habits and settings.
- Opening emails from unknown senders.
- Hiding file name extensions.
- Using outdated systems.
- OS Snobbery
How could we mistake convenience for heightened security?
- Replacing a password with a fingerprint scan enhances convenience but may give the false impression that security has improved.
- Replacing one type of authentication with another.
Explain how a buffer overflow attack works.
An array, from a memory perspective, is a reserved space with a fixed size.
* Buffer overflow occurs when there’s no bounds checking to ensure the array is large enough to contain the data stored in it.
* Data written to one array can overwrite data stored in the adjacent memory space of another process.
* This is common because the base language of many operating systems, like C, does not enforce strict array bounds.
How do we defend against a buffer overflow attack?
- Stack canaries: Protect against attacks targeting the execution stack.
- Data Execution Prevention (DEP): Prevents code stored in the data area of a process’s memory from being executed as code.
- Address Space Layout Randomization (ASLR): Prevents attackers from reliably constructing malicious code using code already available in the victim process’s code area.