Ch 07 System Architecture Flashcards
Which of the following lists two foundational properties of database transactions?
A. Aggregation and inference
B. Scalability and durability
C. Consistency and performance
D. Atomicity and isolation
D. The foundational properties of database transactions are atomicity, consistency, isolation, and durability (ACID).
Which of the following is not true about containers?
A. They are embedded systems.
B. They are virtualized systems.
C. They commonly house microservices.
D. They operate in a sandbox.
A. Containers are virtualized systems that commonly (though not always) house microservices and run in sandboxes. It would be highly unusual to implement a container as an embedded system.
What is the term that describes a database attack in which an unauthorized user is able to combine information from separate sources to learn sensitive information to which the user should not have access?
A. Aggregation
B. Containerization
C. Serialization
D. Collection
A. Aggregation happens when a user does not have the clearance or permission to access specific information, but she does have the permission to access components of this information. She can then figure out the rest and obtain restricted information.
What is the main difference between a distributed control system (DCS) and supervisory control and data acquisition (SCADA)?
A. SCADA is a type of industrial control system (ICS), while a DCS is a type of bus.
B. SCADA controls systems in close proximity, while a DCS controls physically distant ones.
C. A DCS controls systems in close proximity, while SCADA controls physically distant ones.
D. A DCS uses programmable logic controllers (PLCs), while SCADA uses remote terminal units (RTUs).
C. The main difference is that a DCS controls devices within fairly close proximity, while SCADA controls large-scale physical processes involving nodes separated by significant distances. They both can (and frequently use) PLCs, but RTUs are almost always seen in SCADA systems.
What is the main difference between a distributed control system (DCS) and supervisory control and data acquisition (SCADA)?
A. SCADA is a type of industrial control system (ICS), while a DCS is a type of bus.
B. SCADA controls systems in close proximity, while a DCS controls physically distant ones.
C. A DCS controls systems in close proximity, while SCADA controls physically distant ones.
D. A DCS uses programmable logic controllers (PLCs), while SCADA uses remote terminal units (RTUs).
C. The main difference is that a DCS controls devices within fairly close proximity, while SCADA controls large-scale physical processes involving nodes separated by significant distances. They both can (and frequently use) PLCs, but RTUs are almost always seen in SCADA systems.
What is the main purpose of a hypervisor?
A. Virtualize hardware resources and manage virtual machines
B. Virtualize the operating system and manage containers
C. Provide visibility into virtual machines for access control and logging
D. Provide visibility into containers for access control and logging
A. Hypervisors are almost always used to virtualize the hardware on which virtual machines run. They can also provide visibility and logging, but these are secondary functions. Containers are the equivalents of hypervisors, but they work at a higher level by virtualizing the operating system.
Which cloud service model provides customers direct access to hardware, the network, and storage?
A. SaaS
B. PaaS
C. IaaS
D. FaaS
C. Infrastructure as a Service (IaaS) offers an effective and affordable way for organizations to get all the benefits of managing their own hardware without the massive overhead costs associated with acquisition, physical storage, and disposal of the hardware.
Which cloud service model do you recommend to enable access to developers to write custom code while also providing all employees access from remote offices?
A. PaaS
B. SaaS
C. FaaS
D. IaaS
A. Platform as a Service (PaaS) solutions are optimized to provide value focused on software development, offering direct access to a development environment to enable an organization to build its own solutions on the cloud infrastructure, rather than providing its own infrastructure.
Which of the following is not a major issue when securing embedded systems?
A. Use of proprietary code
B. Devices that “phone home”
C. Lack of microcontrollers
D. Ability to update and patch them securely
C. Embedded systems are usually built around microcontrollers, which are specialized devices that consist of a CPU, memory, and peripheral control interfaces. All the other answers are major issues in securing embedded systems.
Which of the following is true about edge computing?
A. Uses no centralized computing resources, pushing all computation to the edge
B. Pushes computation to the edge while retaining centralized data management
C. Typically consists of two layers: end devices and cloud infrastructure
D. Is an evolution of content distribution networks
D. Edge computing is an evolution of content distribution networks, which were designed to bring web content closer to its clients. It is a distributed system in which some computational and data storage assets are deployed close to where they are needed in order to reduce latency and network traffic. Accordingly, some computing and data management is handled in each of three different layers: end devices, edge devices, and cloud infrastructure.
Use the following scenario to answer Questions 10–12. You were just hired as director of cybersecurity for an electric power company with facilities around your country. Carmen is the director of operations and offers to give you a tour so you can see the security measures that are in place on the operational technology (OT).
What system would be used to control power generation, distribution, and delivery to all your customers?
A. Supervisory control and data acquisition (SCADA)
B. Distributed control system (DCS)
C. Programmable logic controller
D. Edge computing system
A. SCADA was designed to control large-scale physical processes involving nodes separated by significant distances, as is the case with electric power providers.
Use the following scenario to answer Questions 10–12. You were just hired as director of cybersecurity for an electric power company with facilities around your country. Carmen is the director of operations and offers to give you a tour so you can see the security measures that are in place on the operational technology (OT).
You see a new engineer being coached remotely by a more senior member of the staff in the use of the human-machine interface (HMI). Carmen tells you that senior engineers are allowed to access the HMI from their personal computers at home to facilitate this sort of impromptu training. She asks what you think of this policy. How should you respond?
A. Change the policy. They should not access the HMI with their personal computers, but they could do so using a company laptop, assuming they also use a virtual private network (VPN).
B. Change the policy. ICS devices should always be isolated from the Internet.
C. It is acceptable because the HMI is only used for administrative purposes and not operational functions.
D. It is acceptable because safety is the fundamental concern in ICS, so it is best to let the senior engineers be available to train other staff from home.
B. It is a best practice to completely isolate ICS devices from Internet access. Sometimes this is not possible for operational reasons, so remote access through a VPN could be allowed even though it is not ideal.
Use the following scenario to answer Questions 10–12. You were just hired as director of cybersecurity for an electric power company with facilities around your country. Carmen is the director of operations and offers to give you a tour so you can see the security measures that are in place on the operational technology (OT).
You notice that several ICS devices have never been patched. When you ask why, Carmen tells you that those are mission-critical devices, and her team has no way of testing the patches before patching these production systems. Fearing that patching them could cause unexpected outages or, worse, injure someone, she has authorized them to remain as they are. Carmen asks whether you agree. How could you respond?
A. Yes. As long as we document the risk and ensure the devices are as isolated and as closely monitored as possible.
B. Yes. Safety and availability trump all other concerns when it comes to ICS security.
C. No. You should stand up a testing environment so you can safely test the patches and then deploy them to all devices.
D. No. These are critical devices and should be patched as soon as possible.
A. It is all too often the case that organizations can afford neither the risk of pushing untested patches to ICS devices nor the costs of standing up a testing environment. In these conditions, the best strategy is to isolate and monitor the devices as much as possible.
