Vulns, Threats, CounterMeasures

Question 1

Processor

Answer 1

CPU. Governs all major operators.

Question 2

Multi-tasking

Answer 2

Processor Execution Type. Handling 2+ tasks simultaneously, more simulation

Question 3

Multi-processing

Answer 3

System with more than one processor (CPU) to complete the execution of a single application.

Question 4

Processor Execution Types

Answer 4

Multi-tasking
Multi-processing
Multi-threading
Multi-programming

Question 5

SMP / MPP

Answer 5

Multi-processing
Symmetric multiprocessing: single computer with multiple processors treated equally, controlled by single OS

Massively parallel processing: tons of processors, each with dedicated resources

Question 6

Multi-programming

Answer 6

Similar to multi-tasking. OS coordinates pseudosimultaneous execution of two tasks on a single processor

Batch/serialize multiple processor

Question 7

Multi-threading

Answer 7

Multiple concurrent tasks to be performed within a single process.

Question 8

Single State/Multi State (processing types)

Answer 8

Single: a processor/system only handles one level of security/data. Policy.

Multi-state: can handle multiple levels of security by leveraging protection mechanisms.

Question 9

Protection Rings

Answer 9

L0: OS Kernel/Memory
L1: OS components
L2: Drivers, protocols, etc.
L3: User / programs, application (user mode)

mediated access model

Question 10

Process States

Answer 10

Ready
Waiting
Running
Supervisory
Stopped

Question 11

Security Modes

Answer 11

Dedicated
System High
Compartmented
Multilevel

Valid Sec Clearance
Access approval for all info processed by system
Valid NTK

Question 12

Operating Modes

Answer 12

User Mode

System Mode

Question 13

Read-only memory

Answer 13

ROM. Can’t be altered.

Question 14

PROM

Answer 14

Programmable ROM. User can burn in contents later.

Question 15

EPROM

Answer 15

erasable PROM. EEPROM, UVEPOM

Question 16

Flash memory

Answer 16

Derivative of EEPROM. NAND flash, used in memory cards, thumb drives, mobile devices, SSDs

Question 17

RAM

Answer 17

Random access memory. Readable/writeable memory that CPU uses during processing.

Only exists when power on. Temp storage.

Question 18

Real memory

Answer 18

Main/primary memory. Largest RAM storage on computer. Dynamic RAM

Question 19

Cache RAM

Answer 19

Taking data from slower devices and temporarily loading it in faster devices for high repeat use.

Question 20

Dynamic vs static ram

Answer 20

Dynamic: capacitors. CPU must spend time refreshing contents to ensure integrity.

Static: flip-flop. More costly, much faster.

Question 21

Registers

Answer 21

Onboard memory on CPU, directly accessible data to ALU (arithmetic logical unit)

Question 22

Register Addressing

Answer 22

“Register 1”

Question 23

Immediate addressing

Answer 23

“Add 2 to register 1”

Question 24

Direct addressing

Answer 24

CPU is given actual address of memory location

Question 25

Indirect addressing

Answer 25

Memory address points to intermediate memory address of actual locatino

Question 26

Memory Addressing

Answer 26

Register
Immediate
Direct
Indirect
BaseOffset

Question 27

Secondary Memory

Answer 27

Magnetic, optical, flash-based media/other that contain data not available to CPU.

Much cheaper.

Question 28

Virtual Memory

Answer 28

type of secondary memory.

Pagefile is most common. Paging - brings data from disk back into real memory

Question 29

Memory security issues

Answer 29

Proper erasure
Theft
Freezing
Access data stored in memory while in use

Question 30

Primary vs secondary storage

Answer 30

Primary storage = primary memory == RAM.

Secondary storage = secondary memory = .. all

Question 31

Volatile vs non-volatile

Answer 31

How likely it is to lose data when power is off

Question 32

Random vs sequential

Answer 32

Random: can access any data wherever whenever.

Question 33

Storage Media security

Answer 33

Data Remanence
SSD sanitization
Theft
Access to data

Question 34

Phreaking

Answer 34

Van eck phreaking - TEMPEST. Getting monitor data from afar

Question 35

Modems

Answer 35

Suck. remove them.

Question 36

Memory-mapped I/O

Answer 36

Indirect mapping between CPU addresses and actual address.

Question 37

Interrupt IRQ

Answer 37

Device sends signal on assigned IRQ. OS must control access to IRQs

Question 38

Direct memory access

Answer 38

DMA, DACK. OS brokers once, CPU gets out of way. Devices exchange data with real memory directly.

Question 39

Firmware

Answer 39

software stored on ROM chip.

Question 40

BIOS

Answer 40

Basic input/output system. Independent instructinos that a computers needs to start up and load the OS from disk.

Question 41

BIOS

Answer 41

Basic input/output system. Independent instructinos that a computers needs to start up and load the OS from disk.

Question 42

phlashing

Answer 42

malicious code embedding itself into BIOS/firmware.

Question 43

Applets

Answer 43

Mini programs sent from server to a client. But expose client to remote-send code to be executed

Java
ActiveX

Question 44

Local Cache issues

Answer 44

ARP Poisoning
DNS cache poisoning
HOSTS file
Authorizing DNS attacks
Cache DNS server attacks
DNS query spoofing
Temporary internet files

Question 45

Database security

Answer 45

Aggregation
Inference
Data Mining
Data Warehousing
Data Analytics

Question 46

Mobile Device Security

Answer 46

Device security: encryption, remote wiping, lockout, screen locks, GPS, app control, storage segmentation, asset tracking, inventory control, MDM, device access control, removable storage, disabling unused features

Question 47

App Sec

Answer 47

Key mgmt, Cred mgmt, Auth, geotagging, encryption, app whitelisting

Question 48

BYOD concerns

Answer 48

data ownership, support ownership, patch mgmt, av mgmt, forensics, privacy, on/off boarding, adherence to corporate policies, user acceptance, legal concerns, camera/videos