COMP6015 - SecOS Flashcards

(86 cards)

1
Q

What are the 4 ‘roles’ of an Operating System?

A

Assistant, Broker, Supervisor, Interface.

IABS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What does the OS do as an Assistant?

A

Provides common functions that can be reused across different programs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

What does the OS do as a Broker?

A

Shares resources (memory, disk space, network, CPU usage) between processes.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What does the OS do as a Supervisor?

A

Detects messages from processes such as interrupts and logging.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

What are the 5 types of Computer?

A

Mainframe, ‘Miniframe’, Personal Computer, Mobile, Network Server.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What is the name of the system at the heart of the OS?
What does it have access to?

A

The Kernel.
Everything*; hardware, memory, processes, etc.

  • everything in the OS; the hypervisor or lower levels can hide more information about the Computer System.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

What are the advantages and disadvantages of using a Microkernel?

A

Advantage: Kernel code is dangerous, so keeping it minimal reduces the risk of system crashes.

Disadvantages: Lots of functionality that has been moved out of the Kernel will need to be filtered through into one system, which can have a negative impact on performance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is a Modular Kernel?

A

Modular Kernel is an architecture where every component of the OS can be placed inside or outside of the Kernel.

This is done by Linux, but requires recompilation, so it’s only possible where the source code is available.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is the difference between a Process and a Program?

A

The program is the instructions on disk.

The process is the instance of the program running, which also includes active memory allocation and a program counter.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is the difference between Multiprocessing, Multiprogramming, Multithreading, and Multitasking?

A

Multiprocessing - Parallel execution of processes across multiple CPUs or cores.

Multiprogramming - Multiple programs loaded into memory and executed by a single CPU or core by switching between them.

Multithreading - Concurrent execution of multiple threads in the same process.

Multitasking - An umbrella term for any scenario for parallel or concurrent (time-sharing) execution of processes or tasks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is the difference between a Program, a Process, a Thread, and a Task?

A

Program - A program is a file containing a set of instructions.

Process - A process is an instance of a program with its own system resources such as allocated memory and a program counter.

Thread - A thread is a unit of execution within a process. A process can have one or more threads that run concurrently, and these threads share system resources such as memory.

Task - Umbrella term for either a process or a thread.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What are the states in a 2 state process model?

A

Not Running and Running.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What are the states in a 3 state process model?

A

Blocked, Ready, Running.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What are the states in a 5 state process model?

A

New, Blocked, Ready, Running, Exit.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What 4 things does a process consist of?

A
  • Program.
  • User Data.
  • Stack.
  • PCB (Process Control Block)
    • Process ID and IDs of any children.
    • State Information.
    • Control Information
      • Scheduling.
      • ICP Information.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are the two layers of Interrupt handling responsible for?

A

First Level Interrupt Handling (FLIH)
- Save process information.
- E.g. Registers are saved to the Process Control Block (PCB).

Second Level Interrupt Handling (SLIH)
- Control is transferred

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

What is Thread Pooling?

A

Rather than having Processes create their own threads dynamically when needed, each Process is given a pool of some amount of threads that it can make free use of.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What are some examples of CPU Scheduling Algorithms

A

First Come First Served (FCFS)
Shortest Job First
Priority Scheduling
Round Robin

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are some of the metrics used to measure the effectiveness of Scheduling algorithms?

A

Average Turnaround Time - time from start to all tasks completed / number of processes

Average Waiting Time - average(time between process availability and process completed)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

What Scheduling algorithm does Windows use?

A

Round Robin with 32 priority levels.

Levels >16 are real time.

UI windows have their quantum time tripled when in focus.

Windows 8 and higher adjust the frequency of clock interrupts based on system activity to save power.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

What is a Race Condition?

A

A race condition is where two or more threads attempt to access the same memory location or resource at the same time.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

How do we solve the issue of a Race Condition, and what boundaries must be defined in our code to facilitate this.

A

A Mutex or Semaphore is required to prevent multiple threads from accessing a resource at the same time.

The Mutex or Semaphore should be placed around a Critical Region.
The Critical Region is the area of code where the resource is needed.

The Mutex or Semaphore will cause the program to wait at the Critical Region until it is safe to proceed.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

What is the difference between a Mutex and Semaphore?

A

Mutexes are basic locking objects with two states (locked and unlocked).

Semaphores are non-negative integer counters used when you have multiple identical copies of a resource available and any of them can be used.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

What is an ACL in Operating Systems?

A

An Access Control List (ACL) is a technique of managing permissions in the file system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
What are CAV and CLV in disk read/write?
Constant Angular Velocity - constant RPM. Constant Linear Velocity - adjusted RPM based on radius position.
26
What is the equation for bandwidth?
(Number of Bytes Transferred) / (Time) ? baud_rate * frequency In Signal Processing: highest_frequency - lowest_frequency
27
What are some of the methods of disk scheduling?
- First Come, First Served (FCFS) - Shortest Seek Time First (SSTF) - SCAN - LOOK
28
What is the difference between SSTF and SCAN disk scheduling?
Shortest Seek Time First (SSTF) will rotate clockwise and anticlockwise to minimise the movement time and maximise the read/write time. SCAN will rotate in only one direction. SSTF is more efficient in terms of read/write time, however some requests may hang for a significant and unfair amount of time (if there are many requests on the opposite side of the platter). SCAN will avoid this starvation issue.
29
What is the difference between SCAN and C-SCAN disk scheduling?
SCAN will search from start to end, then end to start and repeat. C-SCAN or Circular SCAN will search from start to end and then repeat.
30
What are the LOOK and C-LOOK disk scheduling algorithms?
Variants of SCAN and C-SCAN (respectively) that only reach the position of the final request before resetting, rather than the end of the disk.
31
What is RAID in storage?
Redundant Array of Independent Disks. A method of combining small disks to provide redundancy in case of a failure.
32
What is a Virtual File System?
The Operating System doesn't want to know the details of the storage system hardware, so access is conducted through an interface. This means, for example, that a network drive behaves the same as a local drive.
33
What are inodes?
Inodes (or index nodes) store metadata about files and directories. They store: - File Type - Permissions - Owner (UID) and Group (GID) - File Size - Timestamps - (and a few others) But notably they do not store: - Filename (stored in the directory structure) - File content
34
What file structure does DOS use? How does it work?
FAT32 (File Allocation Table 32-bit) Uses a table to track where on disk files are stored. Table records Chains of Clusters (of Blocks). Each entry points to the next Cluster of the file, or marks the end of the file.
35
How do directories work in FAT32?
Directories are special files that contain a list of filenames with their cluster locations, sizes and some other attributes.
36
How does FAT32 handle free space?
Unused Clusters are marked as free. When a new file is created, the system looks for free clusters.
37
Where is FAT32 used?
USB storage devices, SD cards, external storage devices. Sometimes full computer system storage. However it's quite dated and its main benefit today is cross-platform compatibility.
38
What file structure does modern Windows use? How does it work?
NTFS (New Technology File System) Has a Master File Table (MFT) to store metadata about every file and directory. Small files can be stored directly in the MFT ('resident' files) for performance. Disk is split into Clusters (of around 4KB). Files larger than 1 Cluster will have all locations listed in the MFT. Directories are structured as B (Balanced) Trees for quick traversal. Journaling / Transition Log is used (before modification to the file system takes place) so that changes can be undone or replayed in the event of a crash. Uses Access Control Lists (ACLs). Supports Encrypted File System (EFS). Supports Symbolic Links.
39
What file structure did Mac OS use before 2017? How does it work?
HFS+ (Hierarchical File System Plus) - Partition Map to keep track of different partitions on the disk. - Allocation File tracks block usage. - Catalog file holds B (Balanced) Tree of file directory
40
What file structure does Mac OS use since 2017?
APFS (Apple File System)
41
What are the differences between NTFS and HFS+?
NTFS optimised for Windows; HFS+ optimised for Mac OS. HTFS supports more sophisticated Journaling. HTFS supports more sophisticated Access Control Lists (ACL). HTFS supports Encrypted File System (EFS). HTFS is optimised for SSDs. HTFS deals better with disk fragmentation.
42
What are the 6 most common File System structures? What are the key differences between them?
FAT32 -> ExFAT NTFS -> ReFS (Windows) HFS+ -> APFS (Mac OS) ExFAT replaced FAT32; APFS replaced HFS+; ReFS is a more optimised alternative to NTFS for Windows Server only. Journaling is not present in FAT32 or ExFAT. It is more advanced in ReFS and APFS. Compression is only available in NTFS and HFS+. Encryption is available in NTFS, HFS+ and APFS. Fragmentation is best handled in ReFS and APFS; handled well in ExFAT and NTFS; poorly in HFS+; very poorly in FAT32. FAT32 and ExFAT have no crash protection. NTFS achieves it with Transaction Logs. ReFS with Self-healing. HFS+ with Journaling. APFS with Atomic Transactions. FAT32 - Best for compatibility. ExFAT - More robust than FAT32 at a slight cost to compatibility. NTFS - Secure with large volume support. ReFS - Scalable with data integrity, but only for Windows Server. HFS+ - Best Mac OS support APFS - Fast secure and robust, but only for modern Apple devices.
43
What is Journaling in File Systems?
Journaling is where when data is updated, the old data is not actually replaced, but rather new nodes are created in a linked-list-like structure and the relevant references are updated.
44
What file structures are used by CD ROMs?
ISO 9660 (High Sierra) - non-rewritable disks. ISO 13346 - rewritable disks.
45
What is a Deadlock?
To avoid Race Conditions, processes need to lock down resources. If two processes both need access to the same two resources and one process has a lock on one resource and the other on the other, you have an infinite loop where neither process can progress and return the resource. This kind of locking infinite loop is called a deadlock, and can sometimes be invoked from large chains of processes.
46
What are the 4 conditions of a Deadlock?
Mutual Exclusion. Hold and Wait. No Preemption (resource cannot be taken from a holding process). Circular Wait.
47
What is Banker's Algorithm?
Deadlock Avoidance algorithm by Dijkstra. - Maximum - Allocated - Required - Available - Total You have matrices for Maximum and Allocated which tell you how many of each Resource each Process needs, and already has. You also have a matrix for Required, which is Maximum - Allocated. You have the number of each Resource that is still Available for allocation. You can compute the Total number of each Resource by summing Allocated for each Process and the Available.
48
How does Banker's Algorithm work?
Given the Maximum and Allocated matrices along with the Available Resources, compute the Required and Total. For each process, if Required < Available the process can complete and Available increases by Allocated for the process. Repeat until all processes have been completed or a full loop has run without completing any processes. If there are incomplete Processes and no more can be completed, you have a deadlock.
49
What is the difference between a Mainframe and a Miniframe?
Miniframes have more users, so the OS role of an Interface becomes more important.
50
During CPU Scheduling, what are the different types of systems, and what task priorities do they have?
- All Systems - Fairness - Policy - Balance - System-critical - Batch Systems - Throughput - Turnaround time - CPU Utilisation - Interactive Systems - Response time - Active Windows - Real-time Systems - Meeting deadlines - Predictability
51
What are the 6 parts of Process Management?
Creation Termination Process State Models Process Description Process Control Block (PCB) Process Switching and Interrupts.
52
What is Strict Alternation?
A turn-based system to solve Race Condition issues. Main problem is that when a process doesn't use its turn, it will not pass its turn on to other processes that may need it.
53
What is Peterson's Algorithm?
A system to solve Race Condition issues. One critical region ticket is available. Process must claim the ticket before entering the critical section. Only one process may have the ticket at once. If a process doesn't need it, it doesn't prevent the others (solves issue of Strict Alternation).
54
What is a File System?
[Definition] An organised collection of files, usually in a hierarchical structure.
55
What is a Record? (File Systems)
[Definition] A discrete part of a file. Records can be single bytes or more complex data structures.
56
What is a Block? (File Systems)
[Definition] The smallest chunks of individually addressable storage.
57
What is the CIA principle?
Confidentiality Integrity Availability Non-repudiation
58
How do you recover from a Deadlock?
- Don't claim any of the required resources unless they're all available. - If a process is waiting for more than some small but random amount of time, drop all held resources, pause and then try again.
59
What is Paging?
The mapping between virtual memory addresses (that we use in programming) and physical memory in the device.
60
Why do we need Paging?
Simplicity, Efficiency, Safety. Simplicity – Paging abstracts memory management by making each process believe it has a contiguous block of memory, even though physical memory may be fragmented or spread across multiple RAM modules. It also seamlessly integrates virtual memory (e.g. from disk) into a single logical address space. Efficiency – Paging enables efficient memory usage by allowing the OS to load only the necessary parts (pages) of a program into RAM. Frequently accessed pages can stay in RAM, while less-used pages remain on disk. This dynamic mapping happens without changing the process’s code or its view of memory. Safety – Paging enforces memory isolation. Each process operates within its own virtual address space, preventing it from reading or writing to another process's memory, which protects system stability and security.
61
What is a Page Fault?
An error that occurs in Page Table lookup where the required data is not loaded into RAM.
62
What is NRU replacement in Paging
Not Recently Used. When a Page Fault occurs, randomly select a page of the lowest available category to remove from memory. R bit - recently accessed flag M bit - recently modified flag Category 0: !R !M Category 1: !R M Category 2: R !M Category 3: R M
63
What is Second Chance replacement in Paging?
Based on FIFO; when we have a Page Fault and need to load something into physical memory but have no remaining space, the oldest value is the one that is removed. With Second Chance replacement, every value has a reference bit which is initially set to 0. When a Page Fault does not occur, the page that has just been searched has its reference bit _set_ (not incremented) to 1. Now, when a Page Fault occurs and we look at the oldest page, if its reference bit is 1, we set it back to 0 and check the next oldest. We only remove a page if its reference bit is 0.
64
What is Clock-based replacement in Paging?
According to lecture: The same as Second Chance replacement but uses a circular queue instead of a regular queue. According to the internet: The same as Second Chance.
65
What is a Multi-level Page Table?
A flat Page Table containing everything would take a large chunk of contiguous memory, and it is probable that only a small amount of the table will be frequently used. Multi-level Page Table is where we have one master Page Table that points to other Page Tables. The sub Page Tables that are not frequently used can be moved to slower-access virtual memory, whereas frequently-used sub Page Tables can be kept in main memory along with the master Page Table. No references are broken, but but lower-frequency pages have more intermediate steps to save main memory space.
66
What are the different Segmentations in a Program?
- Symbol Table - Source Text - Constants - Parse Tree - Call Stack
67
What are the benefits to using Segmentation?
- Arc Injection prevention. - DMA protection. - Reduced internal fragmentation. (find more).
68
What are the benefits of Harvard Architecture over Von Neumann?
- Security - Speed (parallel instruction/data access)
69
What are the drawbacks of Harvard Architecture vs Von Neumann?
- Cost - Device efficiency? (if one is at capacity it cant use extra space from the other)
70
What is ASLR?
Adress Space Layout Randomisation Makes buffer overflow attacks more difficult because it's more difficult to determine the address spaces of the current and target processes. Executables must be compiled with ASLR support to work.
71
What is the Optimal Page Replacement Algorithm?
AKA Belady's Algorithm. Page Replacement Algorithm that relies on future memory access and replaces the page that will not be used for the longest time in the future. It's impractical because we don't know this in a live system, but it serves as a benchmark for practical algorithms that do not have this capability.
72
What is ESP?
Executable Space Protection. Memory regions can be marked with the 'NX' bit to prevent execution.
73
What is the difference between Protection and Security?
Protection is internally-facing. Security is externally-facing.
74
What is RBAC?
Role-based Access Control. Permissions are set for roles rather than individuals.
75
What are ACLs?
Access Control Lists. Used by RBACs to store the permissions for each role. Contain Access Control Entries (ACEs).
76
What is an Access Matrix?
Abstraction of a systems protection domain. Row labels = users/processes Column labels = objects Cells = permission levels
77
What are the 3 principles of Protection?
Principle of least privilege Principle of privilege separation KISS Principle
78
What are the 3 main types of kernel?
Monolithic Microkernel Modular Kernel
79
When would you use a Monolithic Kernel vs Microkernel?
Monolithic has everything in one place which is efficient but can become very complex. Microkernel separates things out and delegates different functions to different processes, offering flexibility and modularity at the cost of performance. Monolithic might be preferable for performance-critical systems like simulation clusters, or just where the requirement specification itself is fairly simple.
80
What is the difference between Monolithic Kernel, Microkernel, and Modular Kernel?
In Monolithic, one single process is responsible for all system services (e.g. device drivers, file system, memory management) and it runs in kernel space. [e.g. Traditional (pre 1995) Linux, UNIX] In Microkernel, only essential system services (e.g. low-level address space management, thread management, IPC) run in kernel space and everything else (e.g. device drivers, file system) runs in user space. [e.g. MINIX] In Modular Kernel, modules (responsible for e.g. device drivers, file system) can be dynamically moved into and out of kernel space. [e.g. Modern Linux, Windows NT]
81
How does Buffer Overflow work? Give Pseudocode.
Buffer overflow occurs when the content we write to a block of memory is larger than the size of the block itself. The operating keeps writing until the input is done even once we are outside of the block. char buffer[8]; strcpy(buffer, "ThisIsWayTooLong");
82
What are the benefits and drawbacks of Monolithic Kernel?
+ Fast Performance due to direct access. + Efficient in terms of resource. - Less stable; a bug in one part (e.g. driver) can crash the whole system. - Harder to maintain.
83
What are the benefits and drawbacks of Microkernel?
+ Better stability; user space crashes don't crash the kernel. + Easier to maintain / extend. - Slower due to more context switches and IPC. - More complex to design.
84
What are the benefits and drawbacks of Modular Kernel?
+ Flexibility; modules can be added/removed without rebooting. + Good balance of performance and maintainability. - Bugs can still crash the whole system. - More overhead than a monolithic kernel.
85
What is TLB in Paging?
Translation Lookaside Buffer. Cached subsection of a page table used to improve average lookup speed.
86
What are the 4 requirements that a process must meet to correctly use the Critical Section?
Mutex Progress Bounded Wait No Assumptions of Processor speed / timings / scheduling policy.