COMP6015 - SecOS

Question 1

What are the 4 ‘roles’ of an Operating System?

Answer 1

Assistant, Broker, Supervisor, Interface.

IABS

Question 2

What does the OS do as an Assistant?

Answer 2

Provides common functions that can be reused across different programs.

Question 3

What does the OS do as a Broker?

Answer 3

Shares resources (memory, disk space, network, CPU usage) between processes.

Question 4

What does the OS do as a Supervisor?

Answer 4

Detects messages from processes such as interrupts and logging.

Question 5

What are the 5 types of Computer?

Answer 5

Mainframe, ‘Miniframe’, Personal Computer, Mobile, Network Server.

Question 6

What is the name of the system at the heart of the OS?
What does it have access to?

Answer 6

The Kernel.
Everything*; hardware, memory, processes, etc.

• everything in the OS; the hypervisor or lower levels can hide more information about the Computer System.

Question 7

What are the advantages and disadvantages of using a Microkernel?

Answer 7

Advantage: Kernel code is dangerous, so keeping it minimal reduces the risk of system crashes.

Disadvantages: Lots of functionality that has been moved out of the Kernel will need to be filtered through into one system, which can have a negative impact on performance.

Question 8

What is a Modular Kernel?

Answer 8

Modular Kernel is an architecture where every component of the OS can be placed inside or outside of the Kernel.

This is done by Linux, but requires recompilation, so it’s only possible where the source code is available.

Question 9

What is the difference between a Process and a Program?

Answer 9

The program is the instructions on disk.

The process is the instance of the program running, which also includes active memory allocation and a program counter.

Question 10

What is the difference between Multiprocessing, Multiprogramming, Multithreading, and Multitasking?

Answer 10

Multiprocessing - Parallel execution of processes across multiple CPUs or cores.

Multiprogramming - Multiple programs loaded into memory and executed by a single CPU or core by switching between them.

Multithreading - Concurrent execution of multiple threads in the same process.

Multitasking - An umbrella term for any scenario for parallel or concurrent (time-sharing) execution of processes or tasks.

Question 11

What is the difference between a Program, a Process, a Thread, and a Task?

Answer 11

Program - A program is a file containing a set of instructions.

Process - A process is an instance of a program with its own system resources such as allocated memory and a program counter.

Thread - A thread is a unit of execution within a process. A process can have one or more threads that run concurrently, and these threads share system resources such as memory.

Task - Umbrella term for either a process or a thread.

Question 12

What are the states in a 2 state process model?

Answer 12

Not Running and Running.

Question 13

What are the states in a 3 state process model?

Answer 13

Blocked, Ready, Running.

Question 14

What are the states in a 5 state process model?

Answer 14

New, Blocked, Ready, Running, Exit.

Question 15

What 4 things does a process consist of?

Answer 15

• Program.
• User Data.
• Stack.
• PCB (Process Control Block)
  
  • Process ID and IDs of any children.
  • State Information.
  • Control Information
    
    • Scheduling.
    • ICP Information.

Question 16

What are the two layers of Interrupt handling responsible for?

Answer 16

First Level Interrupt Handling (FLIH)
- Save process information.
- E.g. Registers are saved to the Process Control Block (PCB).

Second Level Interrupt Handling (SLIH)
- Control is transferred

Question 17

What is Thread Pooling?

Answer 17

Rather than having Processes create their own threads dynamically when needed, each Process is given a pool of some amount of threads that it can make free use of.

Question 18

What are some examples of CPU Scheduling Algorithms

Answer 18

First Come First Served (FCFS)
Shortest Job First
Priority Scheduling
Round Robin

Question 19

What are some of the metrics used to measure the effectiveness of Scheduling algorithms?

Answer 19

Average Turnaround Time - time from start to all tasks completed / number of processes

Average Waiting Time - average(time between process availability and process completed)

Question 20

What Scheduling algorithm does Windows use?

Answer 20

Round Robin with 32 priority levels.

Levels >16 are real time.

UI windows have their quantum time tripled when in focus.

Windows 8 and higher adjust the frequency of clock interrupts based on system activity to save power.

Question 21

What is a Race Condition?

Answer 21

A race condition is where two or more threads attempt to access the same memory location or resource at the same time.

Question 22

How do we solve the issue of a Race Condition, and what boundaries must be defined in our code to facilitate this.

Answer 22

A Mutex or Semaphore is required to prevent multiple threads from accessing a resource at the same time.

The Mutex or Semaphore should be placed around a Critical Region.
The Critical Region is the area of code where the resource is needed.

The Mutex or Semaphore will cause the program to wait at the Critical Region until it is safe to proceed.

Question 23

What is the difference between a Mutex and Semaphore?

Answer 23

Mutexes are basic locking objects with two states (locked and unlocked).

Semaphores are non-negative integer counters used when you have multiple identical copies of a resource available and any of them can be used.

Question 24

What is an ACL in Operating Systems?

Answer 24

An Access Control List (ACL) is a technique of managing permissions in the file system.

Question 25

What are CAV and CLV in disk read/write?

Answer 25

Constant Angular Velocity - constant RPM. Constant Linear Velocity - adjusted RPM based on radius position.

Question 26

What is the equation for bandwidth?

Answer 26

(Number of Bytes Transferred) / (Time) ? baud_rate * frequency In Signal Processing: highest_frequency - lowest_frequency

Question 27

What are some of the methods of disk scheduling?

Answer 27

- First Come, First Served (FCFS) - Shortest Seek Time First (SSTF) - SCAN - LOOK

Question 28

What is the difference between SSTF and SCAN disk scheduling?

Answer 28

Shortest Seek Time First (SSTF) will rotate clockwise and anticlockwise to minimise the movement time and maximise the read/write time. SCAN will rotate in only one direction. SSTF is more efficient in terms of read/write time, however some requests may hang for a significant and unfair amount of time (if there are many requests on the opposite side of the platter). SCAN will avoid this starvation issue.

Question 29

What is the difference between SCAN and C-SCAN disk scheduling?

Answer 29

SCAN will search from start to end, then end to start and repeat. C-SCAN or Circular SCAN will search from start to end and then repeat.

Question 30

What are the LOOK and C-LOOK disk scheduling algorithms?

Answer 30

Variants of SCAN and C-SCAN (respectively) that only reach the position of the final request before resetting, rather than the end of the disk.

Question 31

What is RAID in storage?

Answer 31

Redundant Array of Independent Disks. A method of combining small disks to provide redundancy in case of a failure.

Question 32

What is a Virtual File System?

Answer 32

The Operating System doesn't want to know the details of the storage system hardware, so access is conducted through an interface. This means, for example, that a network drive behaves the same as a local drive.

Question 33

What are inodes?

Answer 33

Inodes (or index nodes) store metadata about files and directories. They store: - File Type - Permissions - Owner (UID) and Group (GID) - File Size - Timestamps - (and a few others) But notably they do not store: - Filename (stored in the directory structure) - File content

Question 34

What file structure does DOS use? How does it work?

Answer 34

FAT32 (File Allocation Table 32-bit) Uses a table to track where on disk files are stored. Table records Chains of Clusters (of Blocks). Each entry points to the next Cluster of the file, or marks the end of the file.

Question 35

How do directories work in FAT32?

Answer 35

Directories are special files that contain a list of filenames with their cluster locations, sizes and some other attributes.

Question 36

How does FAT32 handle free space?

Answer 36

Unused Clusters are marked as free. When a new file is created, the system looks for free clusters.

Question 37

Where is FAT32 used?

Answer 37

USB storage devices, SD cards, external storage devices. Sometimes full computer system storage. However it's quite dated and its main benefit today is cross-platform compatibility.

Question 38

What file structure does modern Windows use? How does it work?

Answer 38

NTFS (New Technology File System) Has a Master File Table (MFT) to store metadata about every file and directory. Small files can be stored directly in the MFT ('resident' files) for performance. Disk is split into Clusters (of around 4KB). Files larger than 1 Cluster will have all locations listed in the MFT. Directories are structured as B (Balanced) Trees for quick traversal. Journaling / Transition Log is used (before modification to the file system takes place) so that changes can be undone or replayed in the event of a crash. Uses Access Control Lists (ACLs). Supports Encrypted File System (EFS). Supports Symbolic Links.

Question 39

What file structure did Mac OS use before 2017? How does it work?

Answer 39

HFS+ (Hierarchical File System Plus) - Partition Map to keep track of different partitions on the disk. - Allocation File tracks block usage. - Catalog file holds B (Balanced) Tree of file directory

Question 40

What file structure does Mac OS use since 2017?

Answer 40

APFS (Apple File System)

Question 41

What are the differences between NTFS and HFS+?

Answer 41

NTFS optimised for Windows; HFS+ optimised for Mac OS. HTFS supports more sophisticated Journaling. HTFS supports more sophisticated Access Control Lists (ACL). HTFS supports Encrypted File System (EFS). HTFS is optimised for SSDs. HTFS deals better with disk fragmentation.

Question 42

What are the 6 most common File System structures? What are the key differences between them?

Answer 42

FAT32 -> ExFAT NTFS -> ReFS (Windows) HFS+ -> APFS (Mac OS) ExFAT replaced FAT32; APFS replaced HFS+; ReFS is a more optimised alternative to NTFS for Windows Server only. Journaling is not present in FAT32 or ExFAT. It is more advanced in ReFS and APFS. Compression is only available in NTFS and HFS+. Encryption is available in NTFS, HFS+ and APFS. Fragmentation is best handled in ReFS and APFS; handled well in ExFAT and NTFS; poorly in HFS+; very poorly in FAT32. FAT32 and ExFAT have no crash protection. NTFS achieves it with Transaction Logs. ReFS with Self-healing. HFS+ with Journaling. APFS with Atomic Transactions. FAT32 - Best for compatibility. ExFAT - More robust than FAT32 at a slight cost to compatibility. NTFS - Secure with large volume support. ReFS - Scalable with data integrity, but only for Windows Server. HFS+ - Best Mac OS support APFS - Fast secure and robust, but only for modern Apple devices.

Question 43

What is Journaling in File Systems?

Answer 43

Journaling is where when data is updated, the old data is not actually replaced, but rather new nodes are created in a linked-list-like structure and the relevant references are updated.

Question 44

What file structures are used by CD ROMs?

Answer 44

ISO 9660 (High Sierra) - non-rewritable disks. ISO 13346 - rewritable disks.

Question 45

What is a Deadlock?

Answer 45

To avoid Race Conditions, processes need to lock down resources. If two processes both need access to the same two resources and one process has a lock on one resource and the other on the other, you have an infinite loop where neither process can progress and return the resource. This kind of locking infinite loop is called a deadlock, and can sometimes be invoked from large chains of processes.

Question 46

What are the 4 conditions of a Deadlock?

Answer 46

Mutual Exclusion. Hold and Wait. No Preemption (resource cannot be taken from a holding process). Circular Wait.

Question 47

What is Banker's Algorithm?

Answer 47

Deadlock Avoidance algorithm by Dijkstra. - Maximum - Allocated - Required - Available - Total You have matrices for Maximum and Allocated which tell you how many of each Resource each Process needs, and already has. You also have a matrix for Required, which is Maximum - Allocated. You have the number of each Resource that is still Available for allocation. You can compute the Total number of each Resource by summing Allocated for each Process and the Available.

Question 48

How does Banker's Algorithm work?

Answer 48

Given the Maximum and Allocated matrices along with the Available Resources, compute the Required and Total. For each process, if Required < Available the process can complete and Available increases by Allocated for the process. Repeat until all processes have been completed or a full loop has run without completing any processes. If there are incomplete Processes and no more can be completed, you have a deadlock.

Question 49

What is the difference between a Mainframe and a Miniframe?

Answer 49

Miniframes have more users, so the OS role of an Interface becomes more important.

Question 50

During CPU Scheduling, what are the different types of systems, and what task priorities do they have?

Answer 50

- All Systems - Fairness - Policy - Balance - System-critical - Batch Systems - Throughput - Turnaround time - CPU Utilisation - Interactive Systems - Response time - Active Windows - Real-time Systems - Meeting deadlines - Predictability

Question 51

What are the 6 parts of Process Management?

Answer 51

Creation Termination Process State Models Process Description Process Control Block (PCB) Process Switching and Interrupts.

Question 52

What is Strict Alternation?

Answer 52

A turn-based system to solve Race Condition issues. Main problem is that when a process doesn't use its turn, it will not pass its turn on to other processes that may need it.

Question 53

What is Peterson's Algorithm?

Answer 53

A system to solve Race Condition issues. One critical region ticket is available. Process must claim the ticket before entering the critical section. Only one process may have the ticket at once. If a process doesn't need it, it doesn't prevent the others (solves issue of Strict Alternation).

Question 54

What is a File System?

Answer 54

[Definition] An organised collection of files, usually in a hierarchical structure.

Question 55

What is a Record? (File Systems)

Answer 55

[Definition] A discrete part of a file. Records can be single bytes or more complex data structures.

Question 56

What is a Block? (File Systems)

Answer 56

[Definition] The smallest chunks of individually addressable storage.

Question 57

What is the CIA principle?

Answer 57

Confidentiality Integrity Availability Non-repudiation

Question 58

How do you recover from a Deadlock?

Answer 58

- Don't claim any of the required resources unless they're all available. - If a process is waiting for more than some small but random amount of time, drop all held resources, pause and then try again.

Question 59

What is Paging?

Answer 59

The mapping between virtual memory addresses (that we use in programming) and physical memory in the device.

Question 60

Why do we need Paging?

Answer 60

Simplicity, Efficiency, Safety. Simplicity – Paging abstracts memory management by making each process believe it has a contiguous block of memory, even though physical memory may be fragmented or spread across multiple RAM modules. It also seamlessly integrates virtual memory (e.g. from disk) into a single logical address space. Efficiency – Paging enables efficient memory usage by allowing the OS to load only the necessary parts (pages) of a program into RAM. Frequently accessed pages can stay in RAM, while less-used pages remain on disk. This dynamic mapping happens without changing the process’s code or its view of memory. Safety – Paging enforces memory isolation. Each process operates within its own virtual address space, preventing it from reading or writing to another process's memory, which protects system stability and security.

Question 61

What is a Page Fault?

Answer 61

An error that occurs in Page Table lookup where the required data is not loaded into RAM.

Question 62

What is NRU replacement in Paging

Answer 62

Not Recently Used. When a Page Fault occurs, randomly select a page of the lowest available category to remove from memory. R bit - recently accessed flag M bit - recently modified flag Category 0: !R !M Category 1: !R M Category 2: R !M Category 3: R M

Question 63

What is Second Chance replacement in Paging?

Answer 63

Based on FIFO; when we have a Page Fault and need to load something into physical memory but have no remaining space, the oldest value is the one that is removed. With Second Chance replacement, every value has a reference bit which is initially set to 0. When a Page Fault does not occur, the page that has just been searched has its reference bit _set_ (not incremented) to 1. Now, when a Page Fault occurs and we look at the oldest page, if its reference bit is 1, we set it back to 0 and check the next oldest. We only remove a page if its reference bit is 0.

Question 64

What is Clock-based replacement in Paging?

Answer 64

According to lecture: The same as Second Chance replacement but uses a circular queue instead of a regular queue. According to the internet: The same as Second Chance.

Question 65

What is a Multi-level Page Table?

Answer 65

A flat Page Table containing everything would take a large chunk of contiguous memory, and it is probable that only a small amount of the table will be frequently used. Multi-level Page Table is where we have one master Page Table that points to other Page Tables. The sub Page Tables that are not frequently used can be moved to slower-access virtual memory, whereas frequently-used sub Page Tables can be kept in main memory along with the master Page Table. No references are broken, but but lower-frequency pages have more intermediate steps to save main memory space.

Question 66

What are the different Segmentations in a Program?

Answer 66

- Symbol Table - Source Text - Constants - Parse Tree - Call Stack

Question 67

What are the benefits to using Segmentation?

Answer 67

- Arc Injection prevention. - DMA protection. - Reduced internal fragmentation. (find more).

Question 68

What are the benefits of Harvard Architecture over Von Neumann?

Answer 68

- Security - Speed (parallel instruction/data access)

Question 69

What are the drawbacks of Harvard Architecture vs Von Neumann?

Answer 69

- Cost - Device efficiency? (if one is at capacity it cant use extra space from the other)

Question 70

What is ASLR?

Answer 70

Adress Space Layout Randomisation Makes buffer overflow attacks more difficult because it's more difficult to determine the address spaces of the current and target processes. Executables must be compiled with ASLR support to work.

Question 71

What is the Optimal Page Replacement Algorithm?

Answer 71

AKA Belady's Algorithm. Page Replacement Algorithm that relies on future memory access and replaces the page that will not be used for the longest time in the future. It's impractical because we don't know this in a live system, but it serves as a benchmark for practical algorithms that do not have this capability.

Question 72

What is ESP?

Answer 72

Executable Space Protection. Memory regions can be marked with the 'NX' bit to prevent execution.

Question 73

What is the difference between Protection and Security?

Answer 73

Protection is internally-facing. Security is externally-facing.

Question 74

What is RBAC?

Answer 74

Role-based Access Control. Permissions are set for roles rather than individuals.

Question 75

What are ACLs?

Answer 75

Access Control Lists. Used by RBACs to store the permissions for each role. Contain Access Control Entries (ACEs).

Question 76

What is an Access Matrix?

Answer 76

Abstraction of a systems protection domain. Row labels = users/processes Column labels = objects Cells = permission levels

Question 77

What are the 3 principles of Protection?

Answer 77

Principle of least privilege Principle of privilege separation KISS Principle

Question 78

What are the 3 main types of kernel?

Answer 78

Monolithic Microkernel Modular Kernel

Question 79

When would you use a Monolithic Kernel vs Microkernel?

Answer 79

Monolithic has everything in one place which is efficient but can become very complex. Microkernel separates things out and delegates different functions to different processes, offering flexibility and modularity at the cost of performance. Monolithic might be preferable for performance-critical systems like simulation clusters, or just where the requirement specification itself is fairly simple.

Question 80

What is the difference between Monolithic Kernel, Microkernel, and Modular Kernel?

Answer 80

In Monolithic, one single process is responsible for all system services (e.g. device drivers, file system, memory management) and it runs in kernel space. [e.g. Traditional (pre 1995) Linux, UNIX] In Microkernel, only essential system services (e.g. low-level address space management, thread management, IPC) run in kernel space and everything else (e.g. device drivers, file system) runs in user space. [e.g. MINIX] In Modular Kernel, modules (responsible for e.g. device drivers, file system) can be dynamically moved into and out of kernel space. [e.g. Modern Linux, Windows NT]

Question 81

How does Buffer Overflow work? Give Pseudocode.

Answer 81

Buffer overflow occurs when the content we write to a block of memory is larger than the size of the block itself. The operating keeps writing until the input is done even once we are outside of the block. char buffer[8]; strcpy(buffer, "ThisIsWayTooLong");

Question 82

What are the benefits and drawbacks of Monolithic Kernel?

Answer 82

+ Fast Performance due to direct access. + Efficient in terms of resource. - Less stable; a bug in one part (e.g. driver) can crash the whole system. - Harder to maintain.

Question 83

What are the benefits and drawbacks of Microkernel?

Answer 83

+ Better stability; user space crashes don't crash the kernel. + Easier to maintain / extend. - Slower due to more context switches and IPC. - More complex to design.

Question 84

What are the benefits and drawbacks of Modular Kernel?

Answer 84

+ Flexibility; modules can be added/removed without rebooting. + Good balance of performance and maintainability. - Bugs can still crash the whole system. - More overhead than a monolithic kernel.

Question 85

What is TLB in Paging?

Answer 85

Translation Lookaside Buffer. Cached subsection of a page table used to improve average lookup speed.

Question 86

What are the 4 requirements that a process must meet to correctly use the Critical Section?

Answer 86

Mutex Progress Bounded Wait No Assumptions of Processor speed / timings / scheduling policy.