OS unit 5 and 6 Flashcards
(15 cards)
What is the definition of a cyber threat?
A cyber threat refers to the possibility of a malicious attempt to damage, disrupt, or gain unauthorized access to a computer system, network, or digital data.
List three common types of cyberattacks.
1 Phishing
2 DoS
3 Malware
Given a buffer overflow attack, break down how the attacker manipulates system memory to exploit this vulnerability.
Buffer overflow: More input than buffer capacity
1 Identify vulnerable buffer
2 Craft malicious input
3 Overwrite control data (return address)
4 Inject shell code
5 Gain Access
How would you apply intrusion detection to identify and prevent potential attacks in a network environment?
1 Deploy IDS (NIDS, HIDS)
2 Traffic Monitoring and analysis (Packet sniffing - inspect, Signature detection, Anomaly detection)
3 Define Baselines and Alert Rules (large data transfer, multiple failed login, access to ports)
4 Log analysis (analysis of logs from firewall, routers, servers)
5 Respond and Prevent (automated response, manual investigation, update signatures)
6 Continuous monitoring and improvement
How does discretionary access control (DAC) differ from role-based access control (RBAC)?
DAC - user discretion based, individual access control, more flexible but hard to manage, less scalable, high security risk
RBAC - role-based, administrators define roles, more structured hence easy to manage, more scalable, less security risk
What are the primary goals of malicious software (malware) from an attacker’s perspective?
1 Data theft
2 Unauthorized access
3 Data corruption
4 Botnet recruitment (DDoS, spam)
5 Espionage (spying)
6 Financial gain
Name two examples of malicious software that fall under the category of “multiple-threat malware”.
1 Stuxnet – A sophisticated worm that included virus and trojan features, targeting industrial control systems (ICS).
2 Conficker – A worm that also included rootkit and botnet capabilities, allowing remote control and infection persistence.
What is multi-threat malware?
Multiple-threat malware is a type of malicious software that combines features of various malware types—such as viruses, worms, trojans, spyware, and rootkits—into a single, powerful threat.
Characteristics:
1 Persistence
2 Versatility
3 Coordination (often used in Advanced Persistent Threats (APTs))
MFA usage
MFA - two or more independent credentials
1 something you know (pass, pin)
2 something you have (smartphone, tablet)
3 something you are (fingerprint, face id)
- How it solves security issues:
1 Avoid unauthorized access
2 Prevent phishing, credential fraud
3 Reused passwords
4 Prevents automated attacks
5 Enhance user trust
What are the key components involved in I/O function organization within an operating system?
1 I/O devices
2 Device drivers (Interface between OS and H/W)
3 Interrupt handler (Signals from I/O devices)
4 DMA
5 I/O scheduling
6 System calls, signals (Access to system level interface)
7 Buffer, Cache
8 I/O Controllers (transmission between system and peripherals)
Types of file structures
1 Sequential
2 Indexed
3 Hashed
4 Hierarchical
5 Network
HDD | SSD
HDD (hard disk drive) - magnetic spinning disks, performance low, maintenance/wear out common, speed low, power usage high, cost low
SSD (solid state drive) - flash memory, performance high, no moving parts hence wear out low, speed high, power consumption low, cost high
Centralized | Decentralized
Criteria:
1 definition
2 file access time
3 fault tolerance
4 management simplicity
5 scalability
6 network traffic
7 bottleneck possibility
Single Buffer | Double Buffer
Criteria:
1 definition
2 data flow
3 concurrency
4 performance
5 latency
6 complexity
7 use case (simple systems, gaming systems)
What is secondary storage?
It is non-volatile memory used to store data permanently or semi-permanently outside main memory.
What is disk scheduling? Why is it important?
Disk scheduling is the process by which the operating system decides the order in which I/O requests to the disk are handled.
1 Minimize seek time
2 Increase throughput
3 Improves response time
4 Essential for multitasking
What is a file system, and what are its basic components?
A file system is a method and data structure used by an operating system to store, retrieve, and manage files on a storage device
1 Files
2 Directories (Logical containers)
3 Metadata
4 File Control Block (FCB) (metadata and file access info)
5 Access Control
6 Data Blocks (Actual areas on disk where file data is stored.)