Sybex Chp 9

Question 1

Allows for a “sandbox” mode to isolate the program from the rest of the OS and enforces strict rules about resources those objects can access.

Java Applets
Active X Controls

Answer 1

Java Applets

Active X Controls are not subject to sandbox rules, have full access to the Windows OS, and can perform a number of privileged actions.

Question 2

What is Grid Computing?

Answer 2

Grid Computing is a form of parallel distributed processing that loosely groups a significant number of processing nodes to work toward a specific processing goal.

Question 3

What are some of the concerns with Grid Computing?

Answer 3

1) The content of each work packet is potentially exposed to the world
2) Potential risk of a compromise at the central grid servers could trick grid members into performing malicious actions

Question 4

True / False

SXML is often used to provide web-based SSO

Answer 4

True

Question 5

What are the goals of MDM

Answer 5

Mobile Device Management goals include:

1) improve security
2) provide monitoring
3) enable remote management
4) support troubleshooting

Question 6

What is the IoT?

Answer 6

Internet of Things

Collection of devices that can communicate over the Internet with one another or with a control console in order to affect and monitor the real world.

Question 7

How is a wrapper used in a Trojan Horse?

Answer 7

A wrapper is something used to enclose or contain something else.

Question 8

True or False

So that layer integrity is maintained, inner layers neither know or depend on outer layers

Answer 8

True

Question 9

Ensures that data existing at one level of security is not visible to processes running at different security levels.

Answer 9

Data Hiding

Question 10

Requires that the OS provide separate memory spaces for each process’s instructions and data.

Answer 10

Process Isolation

Question 11

True or False

Process Isolation protects the integrity of a process

Answer 11

True

Process Isolation prevents unauthorized data access

Question 12

True or False

It is generally better to use APIs to ask for supervisory mode services or to pass control to trusted, well-protected supervisory mode processes.

Answer 12

True

Question 13

__________ is the application of the principal of least privilege to administrators.

Answer 13

Separation of Duties

Question 14

Define covert channel

Answer 14

A method that is used to pass information over a path that is not normally used for communications.

Covert Timing Channel - conveys information by alerting the performance of a system component or modifying a resource’s timing in a predictable way.

Covert Storage Channel - conveys information by writing data to a common storage area where another process can read it

Question 15

Trusted Recovery

Answer 15

ensures that all system controls remain intact in the event of a crash.

Question 16

Data Diddling

Answer 16

Making small (non-obvious) random or incremental changes to data during storage, processing, input, output, or transaction

Attack commonly performed by insiders

Question 17

TOCTOU is also called a __________

Answer 17

Time of Check, Time of Use id also called a:

Race Condition

Question 18

Simultaneous execution of multiple applications on a single processor

Multithreading
Multitasking
Multiprocessing
Multiprogramming

Answer 18

Multitasking

Question 19

More than one CPU harnesses the power of more than one processor to execute a single application

Multithreading
Multitasking
Multiprocessing
Multiprogramming

Answer 19

Multiprocessing

Question 20

Pseudo-simultaneous execution of two tasks on a single processor coordinated by the OS (usually done in batch)

Multithreading
Multitasking
Multiprocessing
Multiprogramming

Answer 20

Multiprogramming

Question 21

Permits multiple concurrents tasks to be performed within a single process (MS Word open with two documents)

Multithreading
Multitasking
Multiprocessing
Multiprogramming

Answer 21

Multithreading

Question 22

What is the most effective means for reducing risk of losing data on a mobile device, such as a notebook computer?

1) Defining a strong logon password
2) Minimizing sensitive data stored on the mobile device
3) Using a cable lock
4) Encrypting the hard drive

Answer 22

Minimizing sensitive data stored on the mobile device

think like a manager

Question 23

What type of electrical component serves as the primary building block for dynamic RAM?

1) Capacitor
2) Resistor
3) Flip-flop
4) Transistor

Answer 23

Capacitor

Question 24

What type of memory can be written to once?

ROM
PROM
EPROM
EEPROM

Answer 24

PROM

Question 25

What type of memory is a system BIOS usually written to?

ROM
PROM
EPROM
EEPROM

Answer 25

EEPROM

Question 26

What type of memory requires ultraviolet light to be shone through a window in order to be erased?

Answer 26

EPROM

Question 27

What type of memory is directly available to the CPU?

Real Memory
Cache Memory
Registry Memory
Virtual Memory

Answer 27

Registry Memory

Question 28

In what type of addressing scheme is the data actually supplied to the CPU as an argument to the instruction?

Direct addressing
Immediate addressing
Base+offset addressing
Indirect offsetting

Answer 28

Immediate addressing

Question 29

In what type of addressing scheme supplies the CPU with a location that contains the memory address of the actual operand?

Direct addressing
Immediate addressing
Base+offset addressing
Indirect offsetting

Answer 29

Indirect offsetting

Question 30

Which security principal mandates that only a minimum number of operating system processes should run in supervisory mode?

Abstraction
Layering
Data hiding
Least privledge

Answer 30

Least privledge

Question 31

Which security principal takes the concept of process isolation and implements it using physical controls?

Hardware segmentation
Data hiding
Layering
Abstraction

Answer 31

Hardware segmentation