Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
14 Cards in this Set
- Front
- Back
|
These systems continue to operate following failure of a computer or network component. The system must be capable of detecting and correcting or circumventing a fault.
|
Fault-tolerant systems
|
|
|
When a hardware or software failure is detected, program execution is terminated, and the system is protected from compromise.
|
Fail-safe systems:
|
|
|
When a hardware or software failure is detected, certain noncritical processing is terminated, and the computer or network continues to function in a degraded mode.
|
Fail-soft (resilient) systems:
|
|
|
When a hardware or software failure is detected, the system automatically transfers processing to a hot backup component, such as a clustered server.
|
Failover systems:
|
|
|
security modes of operation
Dedicated: |
All authorized users must have a clearance level equal to or higher than the highest level of information processed on the system and a valid need-to-know.
|
|
|
security modes of operation
System High |
All authorized users must have a clearance level equal to or higher than the highest level of information processed on the system but a valid need-to-know isn’t necessarily required.
|
|
|
security modes of operation
Multilevel: |
Information at different classification levels is stored or processed on a trusted computer system (a system that employs all necessary hardware and software assurance measures and meets the specified requirements for reliability and security). Authorized users must have an appropriate clearance level, and access restrictions are enforced by the system accordingly.
|
|
|
security modes of operation
Limited access |
Authorized users aren’t required to have a security clearance, but the highest level of information on the system is Sensitive but Unclassified (SBU).
|
|
|
The concept of protection rings
|
The concept of protection rings implements multiple domains with increasing levels of trust near the center. The most privileged ring is identified as Ring 0 and normally includes the operating system’s security kernel. Additional system components are placed in the appropriate concentric ring based on the principle of least privilege.
|
|
|
Describe Open and closed systems
|
An open system is a vendor-independent system that complies with a published and accepted standard. This promotes interoperability between systems and components made by different vendors. Additionally, open systems can be independently reviewed and evaluated, which facilitates identification of bugs and vulnerabilities and rapid development of solutions and updates.
A closed system uses proprietary hardware and/or software that may not be compatible with other systems or components. Source code for software in a closed system is not normally available. |
|
|
A security kernel is the combination of hardware, firmware, and software elements in a Trusted Computing Base that implements the reference monitor concept. Three requirements of a security kernel are that it must
|
Mediate all accesses
Be protected from modification Be verified as correct |
|
|
security kernel is the combination of hardware, firmware, and software elements in a Trusted Computing Base (TCB) that implements what Concept
|
the reference monitor concept.
|
|
|
A **************** is a system component that enforces access controls on an object. Stated another way, a reference monitor is an abstract machine that mediates all access to an object by a subject.
|
reference monitor
|
|
|
the total combination of protection mechanisms within a computer system, including hardware, firmware, and software, which is responsible for enforcing a security policy.
|
Trusted Computing Base (TCB)
|
