Software Flashcards

Question 1

Q

ASIF

3 Facts

Answer

A

Sparse format
Delta layers
Plugin for Amber

Question 2

Q

AMBER

Definition

Answer

A

Apple Modular Block Device Library

Question 3

Q

AEBD

Definition

Answer

A

Apple Encrypted Block Device

Question 4

Q

KNOX

2 facts

Answer

A

Asset database
Fast and secure storage

Question 5

Q

NBD

Definition

Answer

A

Network block device

Question 6

Q

FileVault

Definition, Use on ASM

Answer

A

Storage encryption with volume key
Class C protection on ASM

Question 7

Q

Data Protection

Definition

Answer

A

File Encryption

Question 8

Q

Data Vault

Definition

Answer

A

Restrict access to the data of an app from all other requesting apps

Question 9

Q

Sandbox access controls

Definition

Answer

A

Restrict what data an app can access

Question 10

Q

GCD

definition and description

Answer

A

Grand central dispatch
Execute code concurrently on multicore hardware by submitting work to dispatch queues managed by the system

Question 11

Q

Forward secrecy

Definition

Answer

A

Ensures session keys will not be compromised even if long term secrets used in the session key exchange are compromised

Question 12

Q

ARV

Definition

Answer

A

Authenticated root volume

Question 13

Q

Evil Maid Attack

Description

Answer

A

An attack on an unattended device, in which an attacker alters it in some undetectable way so that they can later access the device, or the data on it.

Question 14

Q

ABD

description

Answer

A

file format for external customers that support AMBER like functions

Question 15

Q

ACS

Definition

Answer

A

Apple Cloud Service

Question 16

Q

DT

Apple Team

definition, two goals

Answer

A

Developer Tools
Planning to use virtual machine to test different OS and Xcode
replace Xcode simulator

Question 17

Q

MAC stadium

Purpose

Answer

A

Build and run with macOS in the cloud

Question 18

Q

Journaling file system

Description

Answer

A

Keep track of uncommitted changes in a data structure to avoid data corruptions

Question 19

Q

CAS

Apple Technology

Description

Answer

A

Build server

Question 20

Q

What are the two ways to find build records?

Answer

A

xbs buildrecords
knox download/extract build-record

Question 21

Q

New train names

Apple builds

Answer

A

Luck iOS
Cheer macOS
Napili watch
Charisma tv
Wonder Xcode
Discovery vision

Question 22

Q

Libkrun

Description

Answer

A

Rust based virtual machine monitor that links directly to hypervisor framework

Question 23

Q

Orbstack

Purpose

Answer

A

Run docker container and Linux on macOS VM

Question 24

Q

Accelerate framework

Apple Software Stack

Description

Answer

A

Make large scale mathematical computations and image calculations using SME and AMX

Question 25

Q

define, who, what

ESP

Networking Technology

Answer

A

Encapsulating security payload
Member of IPSec set of protocols
encrypt and authenticate the data packets between computers using a VPN

Question 26

Q

Description

VMNet

Apple Tech

Answer

A

Apple Framework for virtual machines to read and write packets

Question 27

Q

Description

Stolen time

Answer

A

Time that guest is ready to run but not scheduled

Question 28

Q

Description

Network link conditioner

Answer

A

Xcode tool to control bandwidth, latency and packet loss

Question 29

Q

Description

VZVirtioSocketDevice

Answer

A

A device that manages port-based connections between guest and host

Question 30

Q

Four trap controls for performance monitors

ARM

Answer

A

ARM PMU register
CPMU, UPMU and CLPC registers

Question 31

Q

How CPMU registers are partitioned

ARM

Answer

A

Guarded vs unguarded
Host vs guest

Question 32

Q

Two functions of PMCR0_EL1

ARM

Answer

A

Enabling CPMU counters
Configuring overflow interrupts

Question 33

Q

Description

Apple framework

Answer

A

A bundled shared library (dylib), which contains code and miscellaneous files

Question 34

Q

3 Facts

libSystem

Apple Tech

Answer

A

Darwin’s most essential library
Services provided by the lowest level of the C runtime
Wrappers over kernel functions

Question 35

Q

Definition

NMOS

Apple Term

Answer

A

Next mainline OS

Question 36

Q

Description

Linux namespace

Answer

A

Partition kernel resources such that a process can only access resources of its namespace

Question 37

Q

3 facts

VirtioFS

Answer

A

This uses the FUSE protocol, funnels requests through shared memory, and handles them on macOS

Question 38

Q

Description

Recap

Apple Tech

Answer

A

API and CLI to Synthetically playback events or gestures on a device

Question 39

Q

what, how, who

Virtio Net

Answer

A

Paravirtualized network device
Use shared memory for data transmission
Adopted in Linux and other operating systems

Question 40

Q

3 Entitlements

Impacts of entitlements on VM ISA

Apple Tech

Answer

A

security.hypervisor allows generic ISA
Private.hypervisor.apple - allows Apple ISA
private.hypervisor - allows Apple ISA at least but also internal ISA for
Development kernel, AppleInternal, research guests

Question 41

Q

Darwin’s four kernel interfaces

Apple Tech

Answer

A

System calls
Mach traps
Machine dependent calls (machdep)
Comm page

Question 42

Q

definition, info, code, management

ACPI

Standard

Answer

A

Advanced configuration and power interface
Description of a computer’s configuration and its various components
Associate drivers with its system peripherals
Platform interfaces for power and system management

Question 43

Q

definition and four management functions

PSCI

Standard

Answer

A

Power state coordination interface
Core idle management
Dynamic addition and removal of cores
secondary core boot
System shutdown and reset

Question 44

Q

4 things defined

SMCCC

ARM

Answer

A

Defines a common calling mechanism to be used with SMC and HVC
Defines how registers are used to pass parameters and results
Defines service types
Defines Arm architectural calls

Question 45

Q

definition and description

NAT

Networking Tech

Answer

A

Network address translation
Map one address space to another by modifying address information in the IP header in transit across a routing device or virtual machine monitor

Question 46

Q

definition, what, vm, why

TAP

Linux

Answer

A

Terminal access point
Network device mode that allows the creation of a virtual network interface
Support network backend for virtual machines
More performant and capable than SLIRP (user networking)

Question 47

Q

Description

CentOS

Linux

Answer

A

Linux distribution derived from Red Hat Enterprise Linux

Question 48

Q

Three VMWare scheduling constraints

Answer

A

Shares
Reservation
Limit

Question 49

Q

Two ways to put expiring workarounds

Apple Tech

Answer

A

_CFAppVersionCheckLessThan

dyld_program_sdk_at_least

Question 50

Q

Names of 1000 bytes to the power of 1 to 5

Answer

A

Kilobytes, megabytes, gigabytes, terabytes, petabytes

Question 51

Q

Names of 1024 bytes to the power of 1 to 5

Answer

A

Kibibytes, Mebibytes, Gibibytes, tebibytes, pebibytes

Question 52

Q

what, where and how many

PCIe BAR

Virtio Standard

Answer

A

Describe a memory region the CPU accesses to interact with a PCIe device
Defined in configuration space
Each device has 8 functions, and each has 6 BARs

Question 53

Q

Purpose

Kali Linux

Answer

A

Debian based Linux distribution geared toward information security tasks

Question 54

Q

definition and description

P2V

Answer

A

Physical to virtual
Migration of physical machines to virtual machines

Question 55

Q

Description

Libkern

Apple Tech

Answer

A

C++ runtime environment in XNU

Question 56

Q

what, find, interface, support

IOKit

Apple Tech

Answer

A

Objected oriented kernel drivers
A driver is looked up through IORegistry
Driver properties are provided in IOUserClient
Kernel APIs

Question 57

Q

definition and 4 features

APFS

Apple Tech

Answer

A

Apple File System
Full 64-bit mode, snapshots, encryption, volume management

Question 58

Q

what, why

DMG

Apple Tech

Answer

A

Disk image
bundling software distribution into single files and can be mounted as a block device

Question 59

Q

description

FSEvent

Apple Tech

Answer

A

File system wide notifications

Question 60

Q

Apple CLI to gather details about every aspect of the system

Answer

A

system_profiler

Question 61

Q

Apple home applications

Answer

A

MacOS: finder
iOS: SpringBoard
TvOS: Pineboard
WatchOS: carousel
AudioOS: soundboard

Question 62

Q

Apple HID monitor

Answer

A

MacOS: WindowServer
Others: backboardd

Question 63

Q

Visible view and user input of MacOS window

Answer

A

Visible view: IOSurface
User input: Tactile layer

Question 64

Q

what and how to communicate

VirtioBlk

Standard

Answer

A

Simple virtual block device
Communication based on the virtio notification and queues

Answer 65

A

Transmit at a constant rate for real time information such as audio and video

Answer 66

A

Replicate another node in the physical network
VM will receive its own IP address if DHCP is enabled in the network

Answer 67

A

System Management BIOS
Reading management information produced by the BIOS of a computer

Answer 68

A

Mobile device management
Securely and wirelessly configure a device by sending profiles and commands
Administer managed preferences

Answer 69

A

Light weight directory access protocol (LDAP) implementation from Apple
Organize information about a network’s users and resources

Answer 70

A

Copy to a different volume
Copy nested directory

Extra: cp -c

Answer 71

A

conforms to the representational state transfer principles
Integrate applications and components in microservices architecture

Answer 72

A

mediate access to a shared resource
continue work beyond a client’s lifecycle
narrow the scope of access for different functionality

Answer 73

A

Launch agent
Launch daemon
XPC service

Answer 74

A

Game porting kit

Answer 75

A

Technique for rendering light transport

Answer 76

A

Abstract machine that manipulates symbols on a strip of tape according to a table of rules
Prove properties of computation in general

Answer 77

A

iPhone software
File format for most Apple firmware

Answer 78

A

leaks —outputGraph
Footprint
Vmmap

Answer 79

A

Represent memory that your process allocated, shared with another process, unmapped from its own address space but not yet unmapped from the other process address space

Answer 80

A

System firmware and recovery

Answer 81

A

Block storage service designed for Amazon Elastic Compute Cloud (EC2)

Answer 82

A

Network driver name followed by a number.
Ex. En0

Answer 83

A

Trusted hybrid inference machine learning

Answer 84

A

Trusted computer base
Set of components that collectively enforce the system’s security properties

Answer 85

A

Index node
Data structure that describes a file or directory

Answer 86

A

Virtual hard disk drive of a virtual machine used by hyper-v

Answer 87

A

Package with one binary for each architecture

Answer 88

A

Web assembly

Answer 89

A

Prelink various commonly used Mach O dylibs into one file per architecture

Answer 90

A

Block current thread until any of the requested events occur

Answer 91

A

Shadow permissions remap registers

Answer 92

A

Access permissions remap registers

Answer 93

A

Configurable text read only region

Answer 94

A

Content distribution network
Geographically distributed network of proxy servers and their data centers

Answer 95

A

Use after free

Answer 96

A

In circuit emulation for verification and debug

Answer 97

A

Amazon machine image

Answer 98

A

Combination of dedicated hardware and lightweight hypervisor for running EC2 instances efficiently and securely

Answer 99

A

Virtual private cloud
Networking for cloud based resources and services that is global, scalable and flexible

Answer 100

A

Link to virtualization framework
Run locally or in the cloud

Answer 101

A

Convert input values from a large set to output values in a small set
Reduce computation demands of AI models

Answer 102

A

Python package for scientific computing

Answer 103

A

Async to define a method for doing asynchronous work
Await to call an async method

Answer 104

A

Data Plane Development Kit
Open source kit consists of libraries to accelerate data processing workloads running on a wide variety of CPUs.

Answer 105

A

Low level framework that provides direct access to hardware encoders and decoders
For video compression and decompression, and for conversion between raster image formats

Answer 106

A

Converting images in a vector graphics format to raster format used by display monitors

Answer 107

A

Thread building block
C++ template library from Intel for parallel programming on multi core processors

Answer 108

A

place holder for the result of an asynchronous operation

Answer 109

A

Set the value of a future once an asynchronous operation is complete

Answer 110

A

Return the same result given the same argument
Cannot be affected by mutable states or other side effects

Answer 111

A

Virtual file system
Standard interface for all file systems
Enable Linux to support large number of file systems

Answer 112

A

DI2 submission queue
Producer pushes a SQE for a new IO request, which rings the doorbell
Consumer pops a SQE to service the request

Answer 113

A

DI2 Complete Queue
Push a CQE for a completed IO operation, which may invoke a callback function.
Pop CQE to acknowledge

Answer 114

A

Two software modules that have link dependencies on each other

Answer 115

A

Transparency, consent and control
OS perspective: manager of authorizing system
User perspective: decision input point

Answer 116

A

Apple Converged Input Output
Apple trade-mark for USB 4.0

Answer 117

A

Open vSwitch
Connecting different VMs and Internet
Route packets from vhost net and NIC

Answer 118

A

Translate XML configurations to QEMU CLI calls
Provide admin daemon to manage QMU child processes

Answer 119

A

Allows the virtio data plane implementation to be offloaded to another element (user process or kernel module) for performance

Answer 120

A

Virtio networking device implementation
Guest kernel front end described in the vhost net protocol

Answer 121

A

Data plane development kit
Bypass the kernel networking stack and directly access network devices

Answer 122

A

Apple Mobile files integrity
Validate code signatures
Ensure they are signed by a trusted authority

Answer 123

A

A value is read is twice and it’s having the same value is used to conclude nothing has happened in the interim

Answer 124

A

Chain of trust pipeline
Root of trust
Endorsement
Measurement
Identity
Trust
Secrets

Answer 125

A

Tiny Code Generator
Dynamic translation backend that translates guest code to host code

Answer 126

A

Secure VM service module
same trust boundary but isolated from guest operating system
vTPM
UEFI variable store
Live migration for CVMs

Answer 127

A

Independent guest virtual machine
Encapsulate all the information required to launch a virtual machine on any virtualization stack
Contain measurement

Answer 128

A

Automatic reference counting
Retain and release are inserted at compile time
Deallocate objects with zero reference

Answer 129

A

Virtual private cloud
An isolated and customizable network within a public cloud

Answer 130

A

Programming syntax that’s easier to read and write

Answer 131

A

Pseudo number generator

Answer 132

A

Executed within the VM but higher privilege than the guest OS
Provide virtualization and device services

Answer 133

A

Modular cross-platform virtual machine monitor written in Rust

Answer 134

A

Open source paravisor
Consists of OpenVMM, boot loader and Linux kernel
Confidential compute for non enlightened guests

Answer 135

A

vulnerability → constrained memory corruption → strong memory corruption → memory read/write → control flow integrity bypass → arbitrary code execution

Answer 136

A

Structure that combines program fragments and wraps their return values in a type with additional computations
Simplifying common operations and abstracting control flows

Answer 137

A

Open Source Rust library enabling fast and secure execution of small functions using hypervisor based protection
Developed by Microsoft Azure

Answer 138

A

Acknowledge
Driver
Features OK
Driver OK

Answer 139

A

Device status field
Feature bits
Notifications
Device configuration space
At least one virt queues

Answer 140

A

Configuration change
Available buffer
Used buffer

Answer 141

A

Descriptor area - describe buffers
Driver area - data from driver
Device area - data from device

Answer 142

A

Split
Packed

Answer 143

A

• Driver fills a slot in the descriptor table.
• Driver writes the descriptor index into the available ring.
• Driver sends an available buffer notification.
• Device writes the descriptor index into the used ring.
• Device sends a used buffer notification.

Answer 144

A

Descriptor ring
Driver event suppression
Device event suppression

Answer 145

A

Driver writes an available descriptor for the buffer in the descriptor ring.
Driver sends an available buffer notification.
Device writes a used descriptor in the descriptor ring, thereby overwriting a descriptor previously made available.
Device sends an used buffer notification.

Answer 146

A

Virtual dynamic shared object
Mechanism to export kernel routines to user space
Avoid costs of system calls

Answer 147

A

Address translation service
Converts device IO address to physical address
Translation agent, address translation page table, address translation cache

Answer 148

A

Page request interface
Sent by an endpoint to request a page be mapped into system memory for an ATS transaction

Answer 149

A

Compute express link
Open standard interconnect
high speed, high capacity CPU to memory and CPU to device connections
For data center computers

Answer 150

A

Substitution failure is not an error
It’s a powerful technique used in template metaprogramming to enable conditional compilation based on the properties of types.

Answer 151

A

defaults write com.apple.purplebuddy SetupFinishedAllSteps -bool YES

Brainscape's Knowledge GenomeTM

Software Flashcards

Brainscape's Knowledge Genome^TM