Sybex Chp 9 Flashcards
Allows for a “sandbox” mode to isolate the program from the rest of the OS and enforces strict rules about resources those objects can access.
Java Applets
Active X Controls
Java Applets
Active X Controls are not subject to sandbox rules, have full access to the Windows OS, and can perform a number of privileged actions.
What is Grid Computing?
Grid Computing is a form of parallel distributed processing that loosely groups a significant number of processing nodes to work toward a specific processing goal.
What are some of the concerns with Grid Computing?
1) The content of each work packet is potentially exposed to the world
2) Potential risk of a compromise at the central grid servers could trick grid members into performing malicious actions
True / False
SXML is often used to provide web-based SSO
True
What are the goals of MDM
Mobile Device Management goals include:
1) improve security
2) provide monitoring
3) enable remote management
4) support troubleshooting
What is the IoT?
Internet of Things
Collection of devices that can communicate over the Internet with one another or with a control console in order to affect and monitor the real world.
How is a wrapper used in a Trojan Horse?
A wrapper is something used to enclose or contain something else.
True or False
So that layer integrity is maintained, inner layers neither know or depend on outer layers
True
Ensures that data existing at one level of security is not visible to processes running at different security levels.
Data Hiding
Requires that the OS provide separate memory spaces for each process’s instructions and data.
Process Isolation
True or False
Process Isolation protects the integrity of a process
True
Process Isolation prevents unauthorized data access
True or False
It is generally better to use APIs to ask for supervisory mode services or to pass control to trusted, well-protected supervisory mode processes.
True
__________ is the application of the principal of least privilege to administrators.
Separation of Duties
Define covert channel
A method that is used to pass information over a path that is not normally used for communications.
Covert Timing Channel - conveys information by alerting the performance of a system component or modifying a resource’s timing in a predictable way.
Covert Storage Channel - conveys information by writing data to a common storage area where another process can read it
Trusted Recovery
ensures that all system controls remain intact in the event of a crash.
Data Diddling
Making small (non-obvious) random or incremental changes to data during storage, processing, input, output, or transaction
Attack commonly performed by insiders
TOCTOU is also called a __________
Time of Check, Time of Use id also called a:
Race Condition
Simultaneous execution of multiple applications on a single processor
Multithreading
Multitasking
Multiprocessing
Multiprogramming
Multitasking
More than one CPU harnesses the power of more than one processor to execute a single application
Multithreading
Multitasking
Multiprocessing
Multiprogramming
Multiprocessing
Pseudo-simultaneous execution of two tasks on a single processor coordinated by the OS (usually done in batch)
Multithreading
Multitasking
Multiprocessing
Multiprogramming
Multiprogramming
Permits multiple concurrents tasks to be performed within a single process (MS Word open with two documents)
Multithreading
Multitasking
Multiprocessing
Multiprogramming
Multithreading
What is the most effective means for reducing risk of losing data on a mobile device, such as a notebook computer?
1) Defining a strong logon password
2) Minimizing sensitive data stored on the mobile device
3) Using a cable lock
4) Encrypting the hard drive
Minimizing sensitive data stored on the mobile device
think like a manager
What type of electrical component serves as the primary building block for dynamic RAM?
1) Capacitor
2) Resistor
3) Flip-flop
4) Transistor
Capacitor
What type of memory can be written to once?
ROM
PROM
EPROM
EEPROM
PROM
