Software

Question 1

ASIF

Answer 1

Sparse format
Delta layers
Plugin for Amber

Question 2

AMBER

Answer 2

Apple Modular Block Device Library

Question 3

AEBD

Answer 3

Apple Encrypted Block Device

Question 4

KNOX

Answer 4

Asset database
Fast and secure storage

Question 5

NBD

Answer 5

Network block device

Question 6

FileVault

Answer 6

Storage encryption with volume key (class C protection on ASM)

Question 7

Data Protection

Answer 7

File Encryption

Question 8

Data Vault

Answer 8

Restrict access to the data of an app from all other requesting apps

Question 9

Sandbox access controls

Answer 9

Restrict what data an app can access

Question 10

GCD: definition and description

Answer 10

Grand central dispatch
Execute code concurrently on multicore hardware by submitting work to dispatch queues managed by the system

Question 11

Forward secrecy

Answer 11

Ensures session keys will not be compromised even if long term secrets used in the session key exchange are compromised

Question 12

ARV

Answer 12

Authenticated root volume

Question 13

Evil Maid Attack

Answer 13

An attack on an unattended device, in which an attacker alters it in some undetectable way so that they can later access the device, or the data on it.

Question 14

ABD: description

Answer 14

file format for external customers that support AMBER like functions

Question 15

ACS

Answer 15

Apple Cloud Service

Question 16

DT: definition and two goals

Answer 16

Developer Tools
Planning to use virtual machine to test different OS and Xcode
replace Xcode simulator

Question 17

MAC stadium

Answer 17

Build and run with macOS in the cloud

Question 18

Journaling file system

Answer 18

Keep track of uncommitted changes in a data structure to avoid data corruptions

Question 19

CAS

Answer 19

Build server

Question 20

What are the two ways to find build records?

Answer 20

xbs buildrecords
knox download/extract build-record

Question 21

New train names

Answer 21

Luck iOS
Cheer macOS
Napili watch
Charisma tv
Wonder Xcode
Discovery vision

Question 22

Libkrun

Answer 22

Rust based virtual machine monitor that links directly to hypervisor framework

Question 23

Orbstack

Answer 23

Run docker container and Linux on macOS VM

Question 24

Accelerate framework

Answer 24

Make large scale mathematical computations and image calculations using SME and AMX

Question 25

Gray matter

Answer 25

Apple intelligence

Question 26

Networking: ESP: define, who, what

Answer 26

Encapsulating security payload
Member of IPSec set of protocols
encrypt and authenticate the data packets between computers using a VPN

Question 27

VMNet

Answer 27

Apple Framework for virtual machines to read and write packets

Question 28

Stolen time

Answer 28

Time that guest is ready to run but not scheduled

Question 29

Network link conditioner

Answer 29

Xcode tool to control bandwidth, latency and packet loss

Question 30

VZVirtioSocketDevice

Answer 30

A device that manages port-based connections between guest and host

Question 31

Four trap controls for performance monitors

Answer 31

ARM PMU register
CPMU, UPMU and CLPC registers

Question 32

How CPMU registers are partitioned

Answer 32

Guarded vs unguarded
Host vs guest

Question 33

Two functions of PMCR0_EL1

Answer 33

Enabling CPMU counters
Configuring overflow interrupts

Question 34

Apple framework

Answer 34

A bundled shared library (dylib), which contains code and miscellaneous files

Question 35

libSystem: 3 facts

Answer 35

Darwin’s most essential library
Services provided by the lowest level of the C runtime
Wrappers over kernel functions

Question 36

NMOS

Answer 36

Next mainline OS

Question 37

Linux namespace

Answer 37

Partition kernel resources such that one set of processes sees one set of resources, while another set of processes sees a different set of resources

Question 38

VirtioFS: 3 facts

Answer 38

This uses the FUSE protocol, funnels requests through shared memory, and handles them on macOS

Question 39

Recap

Answer 39

API and CLI to Synthetically playback events or gestures on a device

Question 40

Virtio Net: what, how, who

Answer 40

Paravirtualized network device
Use shared memory for data transmission
Adopted in Linux and other operating systems

Question 41

Impacts of entitlements on VM ISA

Answer 41

security.hypervisor allows generic ISA
Private.hypervisor.apple - allows Apple ISA
private.hypervisor - allows Apple ISA at least but also internal ISA for
Development kernel, AppleInternal, research guests

Question 42

Darwin’s four kernel interfaces

Answer 42

System calls
Mach traps
Machine dependent calls (machdep)
Comm page

Question 43

ACPI: definition, info, code, management

Answer 43

Advanced configuration and power interface
Description of a computer’s configuration and its various components
Associate drivers with its system peripherals
Platform interfaces for power and system management

Question 44

PSCI: definition and four management functions

Answer 44

Power state coordination interface
Core idle management
Dynamic addition and removal of cores
secondary core boot
System shutdown and reset

Question 45

SMCCC: 4 things being defined

Answer 45

Defines a common calling mechanism to be used with SMC and HVC
Defines how registers are used to pass parameters and results
Defines service types
Defines Arm architectural calls

Question 46

NAT: definition and description

Answer 46

Network address translation
Map one address space to another by modifying address information in the IP header in transit across a routing device or virtual machine monitor

Question 47

TAP in Linux: definition, what, vm, why

Answer 47

Terminal access point
Network device mode that allows the creation of a virtual network interface
Support network backend for virtual machines
More performant and capable than SLIRP (user networking)

Question 48

CentOS: one liner

Answer 48

Linux distribution derived from Red Hat Enterprise Linux

Question 49

Three VMWare scheduling constraints

Answer 49

Shares
Reservation
Limit

Question 50

Two ways to put expiring workarounds

Answer 50

_CFAppVersionCheckLessThan

dyld_program_sdk_at_least

Question 51

Names of 1000 bytes to the power of 1 to 5

Answer 51

Kilobytes, megabytes, gigabytes, terabytes, petabytes

Question 52

Names of 1024 bytes to the power of 1 to 5

Answer 52

Kibibytes, Mebibytes, Gibibytes, tebibytes, pebibytes

Question 53

PCIe BAR: what, where and how many

Answer 53

Describe a memory region the CPU accesses to interact with a PCIe device
Defined in configuration space
Each device has 8 functions, and each has 6 BARs

Question 54

Kali Linux

Answer 54

Debian based Linux distribution geared toward information security tasks

Question 55

P2V: definition and description

Answer 55

Physical to virtual
Migration of physical machines to virtual machines

Question 56

Libkern

Answer 56

C++ runtime environment in XNU

Question 57

IOKit: what, find, interface, support

Answer 57

Objected oriented kernel drivers
A driver is looked up through IORegistry
Driver properties are provided in IOUserClient
Kernel APIs

Question 58

APFS: definition and 4 features

Answer 58

Apple File System
Full 64-bit mode, snapshots, encryption, volume management

Question 59

APFS: definition and 4 features

Answer 59

Apple File System
Full 64-bit mode, snapshots, encryption, volume management

Question 60

DMG: what, why

Answer 60

Disk image
bundling software distribution into single files and can be mounted as a block device

Question 61

FSEvent: description

Answer 61

File system wide notifications

Question 62

Apple CLI to gather details about every aspect of the system

Answer 62

system_profiler

Question 63

Apple home applications

Answer 63

MacOS: finder
iOS: SpringBoard
TvOS: Pineboard
WatchOS: carousel
AudioOS: soundboard

Question 64

Apple HID monitor

Answer 64

MacOS: WindowServer
Others: backboardd

Question 65

Two entities of MacOS window

Answer 65

IOSurface provides the visible view
Tactile layer provides user input

Question 66

VirtioBlk: what and how to communicate

Answer 66

Simple virtual block device
Communication based on the virtio notification and queues

Question 67

Isochronous transfer in USB

Answer 67

Transmit at a constant rate for real time information such as audio and video

Question 68

Bridged networking

Answer 68

Replicate another node in the physical network and your VM will receive its own IP address if DHCP is enabled in the network

Question 69

SMBIOS: definition and function

Answer 69

System Management BIOS
Reading management information produced by the BIOS of a computer

Question 70

MDM: definition and 2 facts

Answer 70

Mobile device management
Securely and wirelessly configure a device by sending profiles and commands
Administer managed preferences

Question 71

Apple Open Directory: 2 facts

Answer 71

Light weight directory protocol (LDAP) implementation from Apple
Organize information about a network’s users and resources

Question 72

When isn’t APFS clone used?

Answer 72

Copy to a different volume
Copy nested directory
Extra: cp -c

Question 73

REST API: 2 facts

Answer 73

conforms to the representational state transfer principles
Integrate applications and components in microservices architecture

Question 74

XPC services: 3 benefits

Answer 74

mediate access to a shared resource
continue work beyond a client’s lifecycle
narrow the scope of access for different functionality

Question 75

3 Apple service types

Answer 75

Launch agent
Launch daemon
XPC service

Question 76

GPTK

Answer 76

Game porting kit

Question 77

Ray tracing

Answer 77

Technique for rendering light transport

Question 78

Turing machine: what and why

Answer 78

Abstract machine that manipulates symbols on a strip of tape according to a table of rules
Prove properties of computation in general

Question 79

IPSW: definition and description

Answer 79

iPhone software
File format for most Apple firmware

Question 80

Apple three commands to debug memory usage

Answer 80

leaks —outputGraph
Footprint
Vmmap

Question 81

Owned unmapped memory

Answer 81

Represent memory that your process allocated, shared with another process, unmapped from its own address space but not yet unmapped from the other process address space

Question 82

SFR

Answer 82

System firmware and recovery

Question 83

EBS

Answer 83

Block storage service designed for Amazon Elastic Compute Cloud (EC2)

Question 84

BSD interface name

Answer 84

Network driver name followed by a number.
Ex. En0

Question 85

Thimble

Answer 85

Trusted hybrid inference machine learning

Question 86

TCB in security: definition and description

Answer 86

Trusted computer base
Set of components that collectively enforce the system’s security properties

Question 87

Inode: definition and description

Answer 87

Index node
Data structure that describes a file or directory

Question 88

VHDX

Answer 88

Virtual hard disk drive of a virtual machine used by hyper-v

Question 89

Universal binary

Answer 89

Package with one binary for each architecture

Question 90

Apple CLI to see architectures of a universal binary

Answer 90

file

Question 91

Apple CLI to see details of a Mach O file

Answer 91

otool

Question 92

WASM

Answer 92

Web assembly

Question 93

Shared library cache

Answer 93

Prelink various commonly used Mach O dylibs into one file per architecture

Question 94

What does kevent do?

Answer 94

Block current thread until any of the requested events occur

Question 95

SPRR

Answer 95

Shadow permissions remap registers

Question 96

APRR

Answer 96

Access permissions remap registers

Question 97

CTRR

Answer 97

Configurable text read only region

Question 98

CDN: d2

Answer 98

Content distribution network
Geographically distributed network of proxy servers and their data centers

Question 99

UAF

Answer 99

Use after free

Question 100

Palladium

Answer 100

In circuit emulation for verification and debug

Question 101

Amazon: AMI

Answer 101

Amazon machine image

Question 102

AWS Nitro

Answer 102

Combination of dedicated hardware and lightweight hypervisor for running EC2 instances efficiently and securely

Question 103

VPC: d2

Answer 103

Virtual private cloud
Networking for cloud based resources and services that is global, scalable and flexible

Question 104

Tart VM: 2 facts

Answer 104

Link to virtualization framework
Run locally or in the cloud

Question 105

AI quantization: what, why

Answer 105

Convert input values from a large set to output values in a small set
Reduce computation demands of AI models

Question 106

NumPy

Answer 106

Python package for scientific computing

Question 107

Swift structured concurrency: two keywords

Answer 107

Async to define a method for doing asynchronous work
Await to call an async method

Question 108

DPDK: D2

Answer 108

Data Plane Development Kit
Open source kit consists of libraries to accelerate package processing workloads running on a wide variety of CPUs.

Question 109

Apple VideoToolbox: what and why

Answer 109

Low level framework that provides direct access to hardware encoders and decoders
For video compression and decompression, and for conversion between raster image formats

Question 110

Rasterization

Answer 110

Converting images in a vector graphics format to raster format used by display monitors

Question 111

TBB: d2

Answer 111

Thread building block
C++ template library from Intel for parallel programming on multi core processors

Question 112

Future

Answer 112

place holder for the result of an asynchronous operation

Question 113

Promise

Answer 113

Set the value of a future once an asynchronous operation is complete

Question 114

Pure function: do, don’t

Answer 114

Return the same result given the same argument
Cannot be affected by mutable states or other side effects

Question 115

VFS: define, what, why

Answer 115

Virtual file system
Standard interface for all file systems
Enable Linux to support large number of file systems

Question 116

SQ: define, push, pop

Answer 116

DI2 submission queue
Producer pushes a SQE for a new IO request, which rings the doorbell
Consumer pops a SQE to service the request

Question 117

CQ: define, push, pop

Answer 117

DI2 Complete Queue
Push a CQE for a completed IO operation, which may invoke a callback function.
Pop CQE to acknowledge

Question 118

Upward dependency

Answer 118

Two software modules that have link dependencies on each other

Question 119

TCC: definition, user perspective, OS perspective

Answer 119

Transparency, consent and control
OS perspective: manager of authorizing system
User perspective: decision input point

Question 120

ACIO: DD

Answer 120

Apple Converged Input Output
Apple trade-mark for USB 4.0

Question 121

OVS: definition, connections, routing

Answer 121

Open vSwitch
Connecting different VMs and Internet
Route packets from vhost net and NIC

Question 122

Libvirt : 2 functions

Answer 122

Translate XML configurations to QEMU CLI calls
Provide admin daemon to manage QMU child processes

Question 123

vhost protocol

Answer 123

Allows the virtio data plane implementation to be offloaded to another element (user process or kernel module) for performance

Question 124

Two meanings of virtio net

Answer 124

Virtio networking device implementation
Guest kernel front end described in the vhost net protocol

Question 125

DPDK: dd

Answer 125

Data plane development kit
Bypass the kernel networking stack and directly access network devices

Question 126

AMFI: definition, two functions

Answer 126

Apple Mobile files integrity
Validate code signatures
Ensure they are signed by a trusted authority

Question 127

ABA problem in concurrency

Answer 127

A value is read is twice and it’s having the same value is used to conclude nothing has happened in the interim

Question 128

REMITS: what, each letter

Answer 128

Chain of trust pipeline
Root of trust
Endorsement
Measurement
Identity
Trust
Secrets

Question 129

TCG in QEMU: D2

Answer 129

Tiny Code Generator
Dynamic translation backend that translates guest code to host code

Question 130

When is RC_XBS defined?

Answer 130

Both local and B&I builds using buildit

Question 131

When is RC_BUILDIT defined?

Answer 131

local build using buildit

Question 132

COCONUT SVSM: what, trust, 3 services

Answer 132

Secure VM service module
same trust boundary but isolated from guest operating system
vTPM
UEFI variable store
Live migration for CVMs

Question 133

IGVM: definition, 2 facts

Answer 133

Independent guest virtual machine
Encapsulate all the information required to launch a virtual machine on any virtualization stack
Contain measurement

Question 134

ARC: define, how, so what

Answer 134

Automatic reference counting
Retain and release are inserted at compile time
Deallocate objects with zero reference

Question 135

VPC: d2

Answer 135

Virtual private cloud
An isolated and customizable network within a public cloud

Question 136

Syntactic sugar

Answer 136

Programming syntax that’s easier to read and write

Question 137

Mersenne twister

Answer 137

Pseudo number generator

Question 138

Paravisor: security, function

Answer 138

Executed within the VM but higher privilege than the guest OS
Provide virtualization and device services

Question 139

OpenVMM

Answer 139

Modular cross-platform virtual machine monitor written in Rust

Question 140

OpenHCL - what, parts, why

Answer 140

Open source paravisor
Consists of OpenVMM, boot loader and Linux kernel
Confidential compute for non enlightened guests

Question 141

Progression of kernel memory corruption exploit - 6 steps

Answer 141

vulnerability → constrained memory corruption → strong memory corruption → memory read/write → control flow integrity bypass → arbitrary code execution

Question 142

Monad: what, why

Answer 142

Structure that combines program fragments and wraps their return values in a type with additional computations
Simplifying common operations and abstracting control flows

Question 143

Hyperlight: what, who

Answer 143

Open Source Rust library enabling fast and secure execution of small functions using hypervisor based protection
Developed by Microsoft Azure