Chapter 4 - System Architecture

Question 0

IEEE/ISO 42010:2007

Answer 0

Systems and software engineering architecture description

Question 1

Computer security

Answer 1

Defined as AIC

Question 2

What is an architects job?

Answer 2

To successfully create views for each stakeholder into a single global plan

Question 3

Register

Answer 3

A temporary storage location for the next CPU task

Question 4

Arithmetic logic unit ALU

Answer 4

Actual execution of instructions occurs here, this is the brain of the processor

Question 5

Control unit

Answer 5

The traffic cop of the CPU .. It serializes the requests from the registers to the ALU

Question 6

General vs special registers

Answer 6

General registers hold variables and temporary data

Special registers hold more static data like program counters and pointers

Question 7

What is the name for the bit that defines user mode vs privileged?

Answer 7

Program status word - PSW

Question 8

What is another name for user mode and privileged mode respectively?

Answer 8

Problem state and kernel/supervisor mode

Question 9

What is the difference between address bus and data bus?

Answer 9

Address bus tells the location what it’s looking for data bus is what allows the data to move between location and CPU

Question 10

LIFO

Answer 10

Last in first out

The order things are processed on the memory stack (think mtg)

Question 11

Return pointer

Answer 11

Usually the first message in telling where to send the data

Question 12

Stack pointer

Answer 12

This is the current stack location while processing a stack

Question 13

Program counter

Answer 13

Holds the memory address for the CPU actions needed

Question 14

Cooperative multitasking vs preemptive multitasking

Answer 14

Cooperative means the resource programmatically releases the resources and preemptive means that the is controls all processing

Question 15

Ready, blocked and running state?

Answer 15

Ready - waiting process
Running - executing process
Block - suspended

Question 16

Process table

Answer 16

Think task manager

Question 17

Maskable vs non-maskable interrupt

Answer 17

Maskable means that the CPU can ignore it and no maskable means the CPU must immediately execute it

Question 18

Watchdog timer

Answer 18

System will reboot if critical systems fail

Question 19

Threads

Answer 19

Individual instruction set

Question 20

Software deadlock

Answer 20

When a resource is being used by another process and cannot continue, but the other process will not release until the first finishes

Question 21

Process isolation

Answer 21

Ensuring that processes cannot use memory space of another process, this is required for preemptive multitasking

Question 22

Process Encapsulation

Answer 22

When process A can only speak to an interface from process B

Question 23

Data hiding

Answer 23

When one process does not know how another works, it simple sends to the interface between

Question 24

Time multiplexing

Answer 24

Time slices for resources

Question 25

Process naming distinction

Answer 25

PID is used to assist process isolation

Question 26

Virtual memory addressing

Answer 26

Rather than address to memory applications address to the memory space allocated by the OS

Question 27

Abstraction

Answer 27

The details of something are hidden

Question 28

Memory manager functions?

Answer 28

Relocation - swap file, pointers
Protection - limit process access and access control
Sharing - complex controls govern memory space sharing
Local org - allow sharing of procedures like DLL
Physical org - virtual memory management

Question 29

What is a base and limit register?

Answer 29

Base register is the beginning address of a memory segment and limit register is the last address

Question 30

DRAM

Answer 30

Capacitive memory that requires a refresh to ensure the capacitors do not lose charge

Question 31

SRAM

Answer 31

Static memory uses exclusively transistors and does not require refresh

Question 32

Thrashing

Answer 32

Moving data around to free resources for more data

Question 33

What is the difference between EEPROM and flash

Answer 33

EEPROM need firmware updates that write bit by bit over the previous

Flash can be rewritten at the block or device level and acts like a hard drive

Question 34

Absolute addresses vs logical

Answer 34

Physical vs virtual memory

Question 35

Buffer overflow

Answer 35

When the buffer is too large and malicious code can be inserted

If accepted input is larger than input there is a possibility of inserting data

Question 36

ASLR - Address space layout randomization

Answer 36

When an OS randomized and shifts address spaces around in memory

Question 37

DEP - data execution prevention

Answer 37

Locked down memory spaces for certain executables

Question 38

Memory leaks

Answer 38

Not using proper code that will release memory

Question 39

Programmed IO

Answer 39

The application requests that the IO take place, this is CPU wasteful

Question 40

Interrupt IO

Answer 40

Byte is sent, CPU moves on, interrupt occurs, byte is sent

This is better but still uses the CPU

Question 41

IO over DMA

Answer 41

Also called unmapped IO

Does not use the processor, it’s just sent from memory to the DMA controller to the device

Question 42

Premapped IO

Answer 42

OS assigns memory address and trusts device not to be malicious

Scary

Question 43

Fully mapped IO

Answer 43

OS brokers the IO requests of untrusted device

Question 44

What is ring architecture?

Answer 44

CPU levels. Ring 0 is unprotected ring 3 would be more protected. The CPU manufacturer decides the number of rings, OS decides how to use them.

Question 45

What does the word domain mean?

Answer 45

A collection of resources

Question 46

Monolithic architecture

Answer 46

MSDOS - user mode / priveledged mode

Too much code could run in a higher mode

Question 47

What is THE?

Answer 47

A layered kernel approach where each later called the next user>IO>interpreter>mem>processor

Question 48

What is data hiding?

Answer 48

When you cannot bypass layers to call sub layers

Question 49

Micro kernel model

Answer 49

It is a smaller kernel subset to promote security, this became slow because of process level changes

Question 50

Hybrid micro kernel architecture

Answer 50

Partially uses the micro kernel for memory specific tasks, mostly uses the driver kernel to handle devices

Question 51

Security policy

Answer 51

Is a strategic tool to indicate how sensitive information is managed

Question 52

TCB

Answer 52

Trusted Computer Base - A collection of all the hardware, software, and firmware security components of a system

Question 53

Trusted path

Answer 53

The path between the user and the TCB

Question 54

Trusted shell

Answer 54

A shell someone cannot get into or out of

Question 55

Security perimeter

Answer 55

Divides the trusted from the untrusted

Question 56

Reference monitor

Answer 56

Used as a reference to user access of an object, this is effectively the law of the TCB

Question 57

Security kernel

Answer 57

All access decisions must go through the security kernel, it is the core of the TCB

Question 58

Multilevel security policy

Answer 58

Each level has it’s own security policy of where it can talk to

Question 59

State change model

Answer 59

System model over the premise all states of an object are regulated

Question 60

State transitions

Answer 60

When the state of an object changes

Question 61

Simple security rule

Answer 61

Subject cannot read at a higher priveledge.

Question 62

• property

Answer 62

Cannot write to a level lower

Question 63

Strong star property

Answer 63

Read and write can only function at the level currently on

Question 64

Basic security theorem

Answer 64

If a system starts secure, and all state levels are secure, the system is secure regardless of input

Question 65

Tranquility principle

Answer 65

Subjects and objects cannot change states undefined in the security principle

Question 66

Bell-Lapadula

Answer 66

A security model used in MAC access control systems that specifies rules on read and write

Question 67

Biba model

Answer 67

Similar to Bell-Lapadula but concerned solely on data integrity

Question 68

*-integrity axiom

Answer 68

No write up, so dirty data does not mix with clean data

Question 69

Simple integrity axiom

Answer 69

No read down

Question 70

Invocation property

Answer 70

A dirty subject cannot use a clean tool to contaminate a clean object

Question 71

Clark-Wilson

Answer 71

An integrity model that compartmentalizations data based on programmatic processing

Question 72

Transformation procedures TP

Answer 72

Programmatic operations like read and write

Question 73

Constrained data items CDI

Answer 73

This data is allowed to be manipulated by TPs

Question 74

Unconstrained data items UDI

Answer 74

Users can directly manipulate these items

Question 75

Integrity verification procedures IVP

Answer 75

Checks consistency of CDI against reality

Question 76

Access triple

Answer 76

Subject, object, program

User, CDI, TP

Question 77

Well formed transaction

Answer 77

Using a TP to process a CDI and having it go through an IVP

Question 78

Covert channel

Answer 78

A way for an entity to receive information in an unauthorized secretive way

Question 79

Non-inference

Answer 79

Someone of a lower clearance cannot see state changes of a higher clearance

Question 80

Inference attack

Answer 80

When someone had access to something that goes through a state change that implies what the change means

Question 81

Lattice model

Answer 81

Access is defined as:

Least upper bound
Greatest lower bound

Question 82

Brewer-Nash model (Chinese wall model)

Answer 82

This model is used to prevent conflict of interest

If you access bank A files you cannot access bank B files

Question 83

Graham-Denning model

Answer 83

8 critical security questions to ask especially when programming

Question 84

Harrison-Ruzzo-Ullman model

Answer 84

Ensures access controls are being met at all levels

Question 85

Dedicated security mode

Answer 85

An OS model that means all users have a need to know all information and have signed NDA pertaining the information

Question 86

System high security mode

Answer 86

When a user has the security clearance to see it, but the need to know for only partial portions of the data

Question 87

Compartmented security mode

Answer 87

Just like high security mode, but the highest clearance data enforces who can access the system

Question 88

Compartment mode workstations

Answer 88

Have built in functionality to all multiple clearance levels on the same system

Question 89

Guards

Answer 89

A system used between trust (assurance) levels

Question 90

Assurance rating

Answer 90

An EOL # used to quantify a systems trust

Question 91

Common criteria

Answer 91

A systematic review used to rate a system A-D

Question 92

Division D

Answer 92

This division is the lowest security rating

Question 93

Division C1

Answer 93

Discretionary security protection - access is controlled by user or group low security environment

Question 94

Division C2

Answer 94

Controlled access protection - each individual is authenticated and security events are audited. All mediums containing data cannot store data, ie memory or temp storage

Question 95

Division B1

Answer 95

Label security - each object must contain an accurate security label

Question 96

Division B2

Answer 96

Structured protection - fully documented and defined security policy with stringent authentication and covert channel analysis has been passed

Question 97

Division B3

Answer 97

Security domains - reduction of complexity from B2 .. Reduced code and simplified procedures

Question 98

Division A

Answer 98

Strictly verified and scrutinized B3

Question 99

Rainbow books

Answer 99

Like the orange book/common criteria, but targeted to the business sector

Question 100

Red book

Answer 100

Trusted network interpretation -

Communication integrity
Denial of service prevention
Compromise protection

(Read more on red book/rainbow books)

Question 101

Assurance

Answer 101

Derived from comparing how things actually work to the theory of how they should work

Question 102

What is he history of the TCSEC

Answer 102

TCSEC became Common Criteria

Question 103

ITSEC

Answer 103

European version of the common criteria

Question 104

What is different between TCSEC and ITSEC?

Answer 104

ITSEC has a separate rating for assurance vs functionality

Question 105

EAL

Answer 105

Evaluation assurance level

EAL 1 - functionally tested
2 - structurally tested
3 - methodically tested and checked
4 - methodically designed tested and reviewed
5 - semi formally designed and tested
6 - semi formally verified design and tested
7 - verified design

Question 106

Verified design?

Answer 106

Mathematically proven model

Question 107

How rare protection profiles used in common criteria?

Answer 107

A committed assurance level to develop on and towards

Question 108

What 5 parts make up and protection profile?

Answer 108

Descriptive elements
Rationale
Functional requirements
Development assurance requirements
Evaluation assurance requirements

Question 109

What steps are taken during the CC (common criteria)?

Answer 109

Protection profile is made - assurance target
Target of evaluation - security target
Security target - how our product does the above
Security functional req. - individual security function proof
Security assurance req. - measures taken during development to assure these requirements are met and confirmable
Packages - what must be met to continue with an EAL rating

Question 110

ISO 15408

Answer 110

International standard linked to common criteria

• 1 - lays out the general concept of the common criteria
• 2 - describes and catalogs security functionality
• 3 - defined assurance requirements with criteria

Question 111

Certification vs accreditation

Answer 111

Certification - the testing of a claim

Accreditation - acceptance of the risk associated with the certification process results

Question 112

Open vs closed systems

Answer 112

Open standardized interoperability vs exclusively proprietary interoperability

Question 113

Maintenance hook

Answer 113

This is code developed to monitor the software for flaws, these are dangerous security wise..

Think of my /end function!

Question 114

Time of use attack

Answer 114

Similar to race condition, but manipulates something process 2 relies on prior to process 2 running, (a flag in a file)

Question 115

If time of use is mandatory in code how can you avoid this?

Answer 115

Using system locks on the resources required by the process