Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
55 Cards in this Set
- Front
- Back
Can perform multiple operations per single instruction. Optimized for systems in which the fetch phase is the longest part of the instruction execution cycle
|
Complex-Instruction-Set Computing (CISC)
|
|
Requiring fewer clock cycles to execute and optimized for systems in which the fetch and execute phases are approximately equal.
|
Reduced-Instruction-Set Computing (RISC)
|
|
Alternates the execution of multiple subprograms or tasks on a single processor.
|
Multitasking
|
|
Alternates the execution of multiple programs on a single processor.
|
Multiprogramming
|
|
Executes multiple programs on multiple processors simultaneously.
|
Multiprocessing
|
|
The operating system supports multiple operating states, such as single-user and multiuser modes in the UNIX/Linux world and Normal and Safe modes in the Windows world.
|
Multistate
|
|
The operating system can differentiate between users. For example, it provides different shell environments, profiles, or privilege levels for each user, as well as process isolation between users.
|
Multiuser
|
|
What is a group of electronic conductors that interconnect the various components of the computer, transmitting signals, addresses, and data between these components
|
Bus
|
|
What are the two types of main memory
|
RAM and ROM
|
|
What are the two types of RAM
|
SRAM and DRAM
|
|
What are the four types of ROM
|
PROM, EPROM, EEPROM, Flash
|
|
What is secondary storage
|
Non volitile devices such as hard drives
|
|
An address used as the origin for calculating other addresses
|
Base Address
|
|
An address that identifies a location without reference to a base address — or it may be a base address itself
|
Absloute Address
|
|
Specifies an address relative to an index register. (If the index register changes, the resulting memory location changes.)
|
Index Address
|
|
The specified address contains the address to the final desired location in memory.
|
Indirect Address
|
|
Specifies the address of the final desired memory location
|
Direct Address
|
|
The main components of an operating system are
|
Kernal, Device Drivers, Tools
|
|
Sets up an environment in which multiple independent processes (programs) can run
|
Process Management
|
|
Controls access to all available resources, using schemes that may be based on priority or efficiency
|
Resource Management
|
|
Controls communication to all devices that are connected to the computer, including hard drives, printers, monitors, keyboard, mouse, and so on.
|
I/O Device Management
|
|
Controls the allocation and access to main memory (RAM), allocating it to processes, as well as general uses such as disk caching
|
Memory Management
|
|
Controls the file systems that are present on hard drives and other types of devices, and performs all file operations on behalf of individual processes
|
File Management
|
|
Controls communications on all available communications media on behalf of processes.
|
Communications Management
|
|
A software implementation of a computer, enabling many running copies of an operating system to execute on a single running computer without interfering with each other.
|
Virtualization
|
|
What is the entire complement of protection mechanisms within a computer system (including hardware, firmware, and software) that’s responsible for enforcing a security policy.
|
Trusted Computing Base
|
|
What is the boundary that separates the TCB from the rest of the system
|
Security Perimeter
|
|
_______ is the ability to permit or deny the use of an object (a system or file) by a subject (an individual or a process).
|
Access control
|
|
A ________ is a system component that enforces access controls on an object.
|
reference monitor
|
|
A ________ is the combination of hardware, firmware, and software elements in a Trusted Computing Base (TCB) that implements the reference monitor concept
|
security kernel
|
|
All authorized users must have a clearance level equal to or higher than the highest level of information processed on the system and a valid need-to-know.
|
Dedicated Security Mode
|
|
All authorized users must have a clearance level equal to or higher than the highest level of information processed on the system, but a valid need-to-know isn’t necessarily required
|
System High Security Mode
|
|
Information at different classification levels is stored or processed on a trusted computer system. Authorized users must have an appropriate clearance level, and access restrictions are enforced by the system accordingly.
|
Multilevel Security Mode
|
|
Authorized users aren’t required to have a security clearance, but the highest level of information on the system is Sensitive but Unclassified (SBU).
|
Limited Access
|
|
These systems continue to operate after the failure of a computer or network component. The system must be capable of detecting and correcting — or circumventing — a fault.
|
Fault-tolerant systems
|
|
When a hardware or software failure is detected, program execution is terminated, and the system is protected from compromise.
|
Fail-safe systems
|
|
When a hardware or software failure is detected, certain noncritical processing is terminated, and the computer or network continues to function in a degraded mode.
|
Fail-soft (resilient) systems
|
|
When a hardware or software failure is detected, the system automatically transfers processing to a component, such as a clustered server
|
Failover systems
|
|
Unknown, hidden communications that take place within the medium of a legitimate communications channel.
|
Covert Channels
|
|
What systems specify the rights that a subject can transfer to or from another subject or object. These rights are defined through four basic operations: create, revoke, take, and grant.
|
Take-Grant
|
|
Minimal protection - Reserved for systems that fail evaluation.
|
D
|
|
Discretionary protection (DAC) - System doesn’t need to distinguish between individual users and types of access
|
C1
|
|
Controlled access protection (DAC) - System must distinguish between individual users and types of access; object reuse security features required.
|
C2
|
|
Labeled security protection (MAC) - Sensitivity labels required for all subjects and storage objects.
|
B1
|
|
Structured protection (MAC) - Sensitivity labels required for all subjects and objects; trusted path requirements.
|
B2
|
|
Security domains (MAC) - Access control lists (ACLs) are specifically required; system must protect against covert channels
|
B3
|
|
Verified design (MAC) - Formal Top-Level Specification (FTLS) required; configuration management procedures must be enforced throughout entire system life cycle.
|
A1
|
|
What is a formal methodology for comprehensive testing and documentation of information system security safeguards, both technical and nontechnical, in a given environment by using established evaluation criteria
|
Certification
|
|
________ is an official, written approval for the operation of a specific system in a specific environment, as documented in the certification report
|
Accreditation
|
|
What was the first formal confidentiality model of a mandatory access control system
|
Bell LaPadula
|
|
An ________ consists of access control lists (columns) and capability lists (rows)
|
Access Matrix
|
|
What is a lattice-based model that addresses the first goal of integrity: ensuring that modifications to data aren’t made by unauthorized users or processes
|
Biba
|
|
This model is based on the concept of a well-formed transaction, in which a transaction is sufficiently ordered and controlled so that it maintains internal and external consistency
|
Clark Wilson
|
|
This model type is useful for analyzing covert channels, through detailed analysis of the flow of information in a system, including the sources of information and the paths of flow
|
Information Flow Model
|
|
This ensures that the actions of different objects and subjects aren’t seen by (and don’t interfere with) other objects and subjects on the same system
|
Non-interference model
|