Security Engineering

Question 1

Takes place when too much data is accepted as input to a specific process.

Answer 1

Buffer Overflow

Question 2

A countermeasure for buffer overflow.

Answer 2

Bounds Checking

Question 3

The term for when an app does not release the memory it is using so that it is available to other apps.

Answer 3

Memory Leak

Question 4

Name two counter measures for memory leak.

Answer 4

Garbage Collectors

Better code

Question 5

When trying to access memory, CPU uses ____________ addresses. Applications use ______ addresses.

Answer 5

Physical

Logical

Question 6

The ___________ acts like NAT for physical and logical memory addresses thereby providing security and efficiency.

Answer 6

Memory Manager

Question 7

This type of memory is used for high speed write and read activities.

Answer 7

Cache Memory

ex. L1, L2, L3

Question 8

What are two types of multitasking

Answer 8

Cooperative (process must voluntarily release resources)

Preemptive (OS controls how long each app can use a resource.)

Question 9

What is multi-threading?

Answer 9

The ability to perform more than one thread (instruction set) at one time.

OS can perform multi-threading, however, multiple cores in a processor allow multi-threading at a hardware level.

Question 10

What are the two types of multiprocessing and how do they differ?

Answer 10

Symmetric - like load balancing. Processors are handed work as needed.
Asymmetric - A processor is dedicated to a specific application or work load.

Question 11

What are the two main CPU modes?

Answer 11

User (Problem State)

Privileged (Kernel Mode)

Question 12

If the CPU needs to access some data either from memory or or from an I/O device, it sends a fetch request down the ___________ bus.

Answer 12

Address bus

Question 13

Circuitry associated with the memory or I/O device receives a fetch request and recognizes the address the CPU sent down the address bus and instructs the memory or device to read the requested data and put it on the _______ bus.

Answer 13

Data bus

Question 14

Special registers hold info like the program counter and the _________ , which holds different condition bits that indicate whether the CPU should be working in user mode or privileged mode.

Answer 14

Program Status Word (PSW)

Question 15

What does “Random Access” mean in Random Access Memory?

Answer 15

Random Access Memory allows you to access information non-sequentially.

Question 16

What is the difference between SRAM and DRAM?

Answer 16

Static RAM (SRAM) does not have a continuous refresh of electrons. Dynamic RAM (DRAM) the capacitors must be constantly refreshed. SDRAM is more expensive than DRAM and is typically used in cache.

Question 17

Types of ROM in order

Answer 17

Read-Only Memory - Nonvolatile memory type.
Programmable read-only memory PROM - Only programmable one time.
Erasable programmable read-only memory EPROM - UV light needed to “flash” (erase) the memory.
EEPROM - Electronically erasable PROM, no UV light needed, but slow.
FLASH MEMORY - Easy to update (both good and bad!)

Question 18

What is ASLR?

Answer 18

Address Space Layout Randomization. Introduced in Windows Vista (originally on OpenBSD).
Helps protect stuff in memory by making it harder to figure out where to attack it.

Question 19

What is DEP?

Answer 19

Data Execution Prevention. Marks certain memory locations as “off-limits.”

Question 20

What are the two categories of interrupts?

Answer 20

Maskable interrupt - for process that is not overly important
Non-maskable interrupt - Can never be overridden.

Question 21

What are four methods of process isolation?

Answer 21

Encapsulation of objects (provides data hiding, talk to the API !!)
Time multiplexing of shared resources (OS coordinates different requests from different processes)
Naming distinctions (PIDs)
Virtual memory mapping

Question 22

Secondary storage, such as the hard drive, can be combined with RAM to provide virtual memory. What is the reserved hard drive space called and what is a security vulnerability to concerning encrypted data?

Answer 22

Swap space.

Any encrypted data is unencrypted before it is placed on the swap space.

Question 23

What I/O interrupt type is the safest?

A. Fully Mapped I/O
B. I/O using DMA
C. Premapped I/O
D Programmable I/O

Answer 23

Fully Mapped I/O

Question 24

Which OS architecture has all the operating system processes running in kernel mode?

A. Monolithic
B. Layered
C. Microkernel
D. Hybrid microkernel

Answer 24

Monolithic

Question 25

Which OS architecture has all the OS processes run in a hierarchical model in kernel mode?

A. Monolithic
B. Layered
C. Microkernel
D. Hybrid microkernel

Answer 25

Layered

Question 26

Which OS architecture has all the operating system processes running in kernel mode, with core processes running within a micro kernel and others running in a client\server model?

A. Monolithic
B. Layered
C. Microkernel
D. Hybrid microkernel

Answer 26

Hybrid microkernel

Question 27

A virtual machine is commonly referred to as a _______ that is executed in the ________ environment. The VMs communicate with a __________ within the host environment, which is responsible for managing system resources.

Answer 27

Guest
Host
Hypervisor

Question 28

The _________ is the hardware, firmware, and software of the Trusted Computing Base (TCB) that implements the concept of the reference monitor.

Answer 28

Security Kernel

Question 29

A ___________ is a concept in which an abstract machine mediates all access to objects by subjects.

Answer 29

Reference monitor

Question 30

This security model provides and addresses confidentiality only with three main rules:

• Simple security rule
• *-property (star property rule)
• Strong star property rule

Also, the “tranquility principle.”

A. Brewer and Nash Model
B. Bell-LaPadula Model
C. Clark-Wilson Model
D. Biba Model

Answer 30

Bell-LaPadula Model

• Simple security rule - Subject can not read data at a higher security level.
• -property (star property rule) - Subject can not write data to a lower security level.
• Strong star property rule - Subject with read/write permissions can only do those at the same security level.

-Strong tranquility - The security levels of an object should never change.

Question 31

This security model addresses integrity only within a system with the following three main rules:

*-integrity axiom
Simple integrity axiom
Invocation property

A. Brewer and Nash Model
B. Bell-LaPadula Model
C. Graham-Denning Model
D. Biba Model

Answer 31

Biba Model

*-integrity axiom - No write up
Simple integrity axiom - No read down
Invocation property - A subject can not invoke a service at a higher integrity level.

Question 32

This security model is implemented to protect the integrity of data and to ensure that properly formatted transactions take place.

• Subjects can access objects only through authorized programs (access triple)
• Separation of duties
• Auditing is required

A. Brewer and Nash Model
B. Bell-LaPadula Model
C. Clark-Wilson Model
D. Biba Model

Answer 32

Clark-Wilson Model

Access triple is like the User -> Interface -> Backend

Question 33

Also known as the Chinese Wall model, this security model allows for dynamically changing access controls that protect against conflicts of interest.

A. Brewer and Nash Model
B. Graham-Denning Model
C. Clark-Wilson Model
D. Biba Model

Answer 33

Brewer and Nash Model

Question 34

This security model shows how subjects and objects should be created and deleted. It also addresses how to assign specific access rights.

A. Brewer and Nash Model
B. Bell-LaPadula Model
C. Graham-Denning Model
D. Biba Model

Answer 34

Graham-Denning Model

Question 35

________ is the international standard that is used as the basis for the elavulation of security properties of products under the Common Criteria (CC) framework.

Answer 35

ISO/IEC 15408

Question 36

_________ is the technical evaluation of a system or product and its security components for the purpose of accreditation.

A. Certification
B. Assurance Evaluation
C. Accreditation
D. Auditing

Answer 36

Certification

Moving away from C&A and toward Continuous Monitoring.

Question 37

__________ is managements formal approval and acceptance of the security provided by a system.

A. Certification
B. Assurance Evaluation
C. Accreditation
D. Auditing

Answer 37

Accreditation

Moving away from C&A and toward Continuous Monitoring.

Question 38

What is a maintenance hook?

Answer 38

A backdoor used by developers. Should be removed b4 release.

Question 39

This type of attack takes advantage of the dependency on the timing of events that take place in a multitasking operating system. The attacker jumps in between two tasks and modifies something to control results.

Answer 39

Time-of-Check/Time-of-Use (TOC/TOU)

Question 40

This type of attack makes processes execute out of sequence to control results.

Answer 40

Race Condition

Question 41

What is a countermeasure for race condition attacks?

Answer 41

Atomicise processes

Question 42

What is a countermeasure for Time-of-Check/Time-of-Use attacks?

Answer 42

Software locks on files.

Harder to put software locks on database components.

Question 43

Which of the following is not a component of ICS?

A. Distributed Control System
B. Programmable Logic Controllers
C. Embedded Systems
D. Supervisory Control and Data Acquisition

Answer 43

Embedded Systems

Question 44

A SCADA system involves three kinds of devices: endpoints, backends, and user stations. What components are used for these?

Answer 44

Endpoints - Remote Terminal Unit (RTU) or PLCs
Backends - Data acquisition servers (DAS)
User stations - Human-machine interface (HMI)

Question 45

The CPU uses this to keep track of where it is in the memory stack

A. Program Counter
B. Stack Pointer
C. Return Pointer
D. Stack Counter

Answer 45

B

Question 46

This register contains the memory address of the next instruction to be fetched.

A. Program Counter
B. Stack Pointer
C. Return Pointer
D. Stack Counter

Answer 46

A

Question 47

This formal multi-level security model states that commands and activities performed at one security level should not be seen by, or affect, subjects or objects at a different security level.

A. Brewer and Nash Model
B. Noninterference Model
C. Graham-Denning Model
D. Biba Model

Answer 47

Noninterference Model