Security Architecture & Design Flashcards
What are the 9 main components of the CPU?
Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Which component of the CPU performs numerical calculations? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Arithmetic Logic Unit (ALU)
Which component of the CPU supervises data transfers over the bus system between the CPU and I/O devices? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Bus Interface Unit (BIU)
Which component of the CPU coordinates other CPU components during program execution? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Control Unit
Which component of the CPU converts incoming instructions into individual commands? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Decode Unit
Which component of the CPU handles higher math operations for the ALU and control unit? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Floating Point Unit (FPU)
Which component of the CPU handles addressing and cataloguing data that's stored in memory and translates logical addressing into physical addressing? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Memory Management Unit (MMU)
Which component of the CPU monitors all CPU functions to ensure they are properly executed? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Protection Test Unit (PTU)
Which component of the CPU hold CPU data, addresses and instructions temporarily, in special buffers? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Registers
Which component of the CPU pre-loads instructions into CPU registers? Arithmetic Logic Unit (ALU) Bus Interface Unit (BIU) Control Unit Decode Unit Floating Point Unit (FPU) Memory Management Unit (MPU) Pre-fetch Unit Protection Test Unit (PTU) Registers
Pre-fetch Unit
The basic operation of a microprocessor consists of two distinct phases. What are they?
fetch and execute
Fetch and Execute are otherwise known as what in CPU terms?
Basic Machine Cycle
What is the basic machine cycle controlled by?
CPU Clock signals
What are the 4 operating states for a computer CPU?
- Operating (or run) state
- Problem (or application) state
- Supervisory state
- Wait state
During which CPU state are only a limited subset of non privileged instructions available?
Problem (or application) state
When the CPU executes a privileged instruction, meaning that instruction is available to a system admin or authorised user/process only, what state is the CPU in?
Supervisory state
What are the two basic types of CPU designs?
- Complex Instruction Set Computing (CISC)
- Reduced Instruction Set Computing (RISC)
Which CPU design can perform multiple operations per instruction and is optimised for systems in which the fetch phase is the longest part of the instruction execution cycle?
- Complex Instruction Set Computing (CISC)
Which CPU design uses fewer, simpler instructions, requiring fewer clock cycles to execute and is optimised for systems in which the fetch and execute phases are approximately equal?
- Reduced Instruction Set Computing (RISC)
What are two ways of describing a microprocessor?
- Scalar
- Superscalar
What is the difference between scalar and superscalar
Scalar executes a single instruction at a time whereas superscalar can execute multiple instructions concurrently
Which classification of processor can alternate the execution of multiple subprograms or tasks on a single processor?
- Multitasking
- Multiprogramming
- Multiprocessing
Multitasking
Which classification of processor alternates the execution of multiple programs on a single processor?
- Multitasking
- Multiprogramming
- Multiprocessing
Multiprogramming
Which classification of processor executes multiple programs on multiple processors simultaneously?
Multiprocessing
What is “Multistate” in relation to a processor?
OS supports multiple operating states, ie Normal and Safe mode in Windows.
What term is used for an operating system that provides different shell environments, profiles or privilege levels for each user, e.g. “Run As” in Windows?
Multi-User
Which piece of hardware groups electronic conductors that interconnect the various components of the computer?
Bus
What are the 3 bus structures?
- Data Bus
- Address Bus
- Control Bus
Which bus structure transmits data between the CPU, memory and peripheral devices?
- Data Bus
- Address Bus
- Control Bus
- Data Bus
Which bus structure transmits addresses of data and instructions between the CPU and memory?
- Address Bus
Which bus structure transmits control information (device status) between the CPU and other devices?
- Control Bus
Which part of a computer stores programs, instructions and data?
Memory
What are the two main types of physical (real) memory?
Random Access Memory (RAM)
Read Only Memory (ROM)
What are the two main types of RAM?
Dynamic RAM
Static RAM
Which type of RAM is faster and doesn’t need to be refreshed?
SRAM or DRAM?
SRAM
Firmware typically uses which type of memory?
RAM or ROM?
ROM
The term “Main Storage” and “Primary memory” relates to what?
Physical memory (normally RAM)
What are the 4 variations of ROM?
- Programmable Read-Only memory (PROM)
- Erasable PROM (EPROM)
- Electonically EPROM (EEPROM)
- Flash Memory
Which type of ROM cannot be re-written?
- Programmable Read-Only memory (PROM)
- Erasable PROM (EPROM)
- Electonically EPROM (EEPROM)
- Flash Memory
PROM
Which type of ROM can be erased by shining UV light on the chip?
- Programmable Read-Only memory (PROM)
- Erasable PROM (EPROM)
- Electonically EPROM (EEPROM)
- Flash Memory
- Erasable PROM (EPROM)
Dynamic storage on non-volatile magnetic media such as a hard disk is otherwise known as what?
Secondary memory
A paging file, swap space or swap partition is typically known as what type of memory?
Virtual memory
What are two important security concepts associated with memory?
- the protection domain
- memory addressing
Which security concept prevents other programs or processes from accessing or modifying the contents of address space that’s already been assigned to another active program or process?
the protection domain
What security concept describes the method used by the CPU to access the contents of memory?
- memory addressing
What is the difference between memory space and address space?
memory space describes the amount of physical memory in a computer system whereas address space specifies where memory is located in a computer system.
What is otherwise known as a hard coded address assigned to physically installed memory and can only be accessed by the OS that maps physical address to virtual addresses?
A physical memory address
What is the term used to describe the address that applications use to specify a desired location in memory?
Virtual (or symbolic) memory address
What are the 5 common virtual memory addressing modes?
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
Which virtual memory address mode is the origin for calculating other addresses?
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
- Base addressing
Which virtual memory address mode identifies a location without reference to the base address, or it may be the base address itself?
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
- Absolute addressing
Which virtual memory address mode specifies an address relative to an index register? If the index register changes, the resulting memory location changes)
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
- Indexed addressing
Which virtual memory address mode contains the address to the final desired location in memory?
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
- Indirect addressing
Which virtual memory address mode specifies the address of the final desired memory location?
- Base addressing
- Absolute addressing
- Indexed addressing
- Indirect addressing
- Direct addressing
- Direct addressing
What is the difference between virtual memory and virtual addressing?
virtual memory combines physical memory and hard disk space to create more apparent memory whereas virtual addressing is the method used by applications and programs to specify a desired location n physical memory
What is firmware?
A program or set of computer instructions stored in the physical circuitry of ROM memory.
BIOS is a common example of firmware. True or False?
True
What does BIOS stand for?
Basic Input-Output System
What does a computer BIOS do?
Contains instructions needed to start a computer when it is first powered on
What are the 3 main components of an operating system?
- Kernel
- Device Drivers
- Tools
What is the core component of an operating system, that allows processes, controls hardware devices and communication to external devices that may be connected to the computer?
Kernel
What are the 6 main functions of the OS?
- Process management
- Resource Management
- I/O device management
- memory Management
- File management
- Communications Management
Virtualisation - What is a hypervisor?
software program that allocates resources for each resident OS and serves as an OS for multiple OS’s
The entire compliment of protection mechanisms within a computer system that’s responsible for enforcing a security policy (hardware, firmware, software) is otherwise known as what?
Trusted Computing Base (TCB)
The ability to permit or deny the use of an object by a subject is otherwise known as what?
Access Control
What is the system component called that enforces access control on an object?
Reference Monitor
What is a security kernel?
It’s the combination of hardware, firmware, software elements in a TCB that implements the reference monitor concept
What are the 3 requirements of the security kernel?
- Mediate all access
- Be protected from modification
- Be verified as correct
What is the “Security Mode of Operation”?
describes how a system handles stored information at various classification levels
What are the four system classification levels commonly assigned to authorised user’s by the US military?
- Dedicated
- System High
- Multi-level
- Limited access
Which of the following system classification levels requires that all authorised users have a clearance level equal to or higher than the highest level of information processed on the system and a valid need to know?
- Dedicated
- System High
- Multi-level
- Limited access
- Dedicated
Which of the following system classification levels requires that all authorised user have a clearance level equal to or higher than the highest level of information processed on the system, but a valid need to know isn’t necessarily required?
- Dedicated
- System High
- Multi-level
- Limited access
- System High
Which of the following system classification levels is information at different classification levels stored or processed on a TCB and where authorised users must have an appropriate classification level, but access restrictions are enforced by the system accordingly?
- Dedicated
- System High
- Multi-level
- Limited access
- Multi-level
Which of the following system classification levels doesn’t require authorised user’s to have security clearance , but the highest level of information on the system is Sensitive But Unclassified? (SBU)
- Dedicated
- System High
- Multi-level
- Limited access
- Limited Access
A Trusted Computer System is a system with a Trusted Computer Base. True or False?
True