Operating System Exam 3

What is the difference between mechanisms and policies?

Mechanisms determine how something will be done, while policies decide what will be done

Which of the following statement about device formatting is FALSE?

Not every partition contains a copy of the operating systems.

Which of the following is FALSE about streams?

The number of modules in a stream is fixed by the operating system.

________________ encrypts the information on the target computer and renders it inaccessible to the owner

Ransomware

An advantage of SSDs over HDDs is

SSDs are faster than HDDs. SSDs are more reliable than HDDs.

Which of the following is FALSE about swap space use?

Swap space may be used to store the file system.

The addresses of a given number of free blocks can be found faster using linked list rather than using grouping.

False

The consistency check is always able to recover the structures, e.g., resulting in loss of files and entire directories.

False

The kernel should not run with a higher level of privileges than user processes.

False

The length of a logical record is fixed for a given operating system.

False

The logical file system module includes the free-space manager.

False

The open() call returns a pointer to the appropriate entry in the system wide-open-file table.

False

The purpose of denial-of-service attacks is to gain information or steal resources.

False

Truncating a file operation resets values of all its attributes and releases its file space.

False

Vectored IO allows one system call to perform multiple IO operations involving a single location.

False

When a user logs on, MW Windows 10 creates a list of files which can be used by the user.

False

You can access a file in an unmounted file system.

False

create() system call uses open-file table.

False

root user can modify mandatory access control (MAC)

False

Which of the following is TRUE about NAS and Cloud storage?

In an event of a temporary network disconnection, an application using NAS will typically hang while an application using cloud storage will typically pause

________________ is not a protection mechanism.

Intrusion Prevention

Which of the following statements regarding solid state disks (SSDs) is false?

They generally consume more power than traditional hard disks

A dedicated device cannot be used concurrently by several processes or threads.

True

A disk drive may have many partitions each of which contains a different file system.

True

A firewall is installed between the trusted and the untrusted.

True

All file systems suffer from internal fragmentation.

True

All operating systems have to support at least one file structure.

True

An I/O system call returns a one-bit information about the status of the call.

True

An NFS (Network File System) is building on a RPC (Remote Procedure Call) system.

True

Apple's systems employs capability-based protection in the form of entitlements.

True

Contiguous allocation of a file is defined by the address of the first block and length (in block units) of the file.

True

Each system should have at least one file system which is bootable.

True

In Solaris, swap space is only used as a backing store for pages of anonymous memory.

True

In UNIX, part of a path name includes a device name.

True

In a dynamic protection system, sometimes access rights to objects shared by different users need to be revoked.

True

In file systems consistent with Session Semantics, the changes in a file are made visible to new sessions only, but are not seen by current sessions.

True

In general, SCAN disk head scheduling will involve less movement of the disk heads than C-SCAN disk head scheduling.

True

In two-level directory structure, the system's master file directory (MFD) is searched when a user logs in.

True

Is an extension a part of a file name?

True

It is much faster for a computer to encode and decode ciphertext by using the usual symmetric algorithms than by using asymmetric algorithms.

True

MS Word documents in RTF format are resistant to macro viruses.

True

RAID level 0 provides no redundancy.

True

Reading and writing a file operations use the same current-file-position pointer.

True

Rings of protection separate functions into domains and order them hierarchically.

True

Solid state disks (SSDs) commonly use the FCFS disk scheduling algorithm.

True

The FAT method incorporates free-block accounting into the allocation data structure.

True

The I/O control level consists of device drivers and interrupt handlers to transfer information between the main memory and the disk system

True

The attack surface is the set of points at which an attacker can try to break into the system.

True

The default set of access rights are used if no entry in the access list is found.

True

The file allocation table (FAT) has one entry for each block and is indexed by block number.

True

Transport Layer Security (TLS) employs server's certificate from certification authority (CA).

True

Windows allows a hard disk to be divided into one or more partitions

True

Writes to the file mapped in memory are not necessarily immediate writes to the file on disk

True

Some binary files can include a magic number. This mechanism is used by __________.

UNIX

Which of the following is true of the Java programming language in relation to protection?

When a class is loaded, the JVM assigns the class to a protection domain that gives the permissions.

Address Space Layout Randomization (ASLR) technique protects an operating system against_______________

a code-injection attack

A capability list for a domain is ____________________

a list of objects together with the operations allowed on those objects.

Trojan mule is a type of the Trojan horse which emulates ____________

a login program

A protection domain is a collection of access rights, each of which is ___________________

a pair <object-name, rights-set>

UNIX systems employ ________________________

acyclic-graph directory

The owner right allows ___________

addition of new rights and removal of some rights

In memory-mapped I/O

address space of the computing device is used for communicating with the I/O devices using the standard I/O instructions.

The file protection can be provided by:

all of the above

To protect the systems we have to ensure security on the following level:

all of the options

Vulnerability scans can check:

all of the options

_______________ is used to implement a file system.

all of the options

Acyclic-graph directory structure_______________________

allows to share files and directories

In __________ write, the data are stored in the cache, and control returns to the caller.

an asynchronous

UNIX inode is an example of _______

an indexed allocation

UNIX systems consider ach file to be a sequence of _______________

bit words, which length is defined by the users

Compared to USB, NVMe provides

both higher throughput and lower latency.

In the case of UNIX, where sharing is implemented by symbolic link________________________

both of the above

Indexed Allocation

both option 1 and 2

Sequential access can be optimized by

both option 1 and 2

Technique used to improve I/O efficiency by temporarily storing copies of data is called

caching.

Which of the following is NOT a technique used for managing power consumption in mobile devices?

chilling with natural sources such as lake water, and solar panels.

The root-partition:

contains an operating system kernel and it is mounted during boot time.

In a swap map in Linux

counter value 5 indicates that the page slot is occupied and the page is shared by five processes.

What pointer is used for writing a file?

current-file-position pointer

In DMA-based I/O,

cycle stealing can slow down the CPU computation, but off-loading the data-transfer work to a DMA controller generally improves the total system performance

close() operation _____ an open count associated with a given file.

decreases

Port scanning allows a hacker to__________________

detect a system's vulnerabilities

The virtual file system layer is dedicated to allow access to:

different types of locally mounted file systems and remote file systems.

NFS protocol

does not provide concurrency control mechanisms

The FAT method ______________

does not store information about free blocks.

A file system may be mounted:

during the boot time or when the operating system is running

A file may be associated with several images at the same time in:

file systems consistent with Session Semantics.

Using a firewall, the following connection is allowed:

from Internet to DMZ (demilitarized zone)

Object means __________

hardware object or software object

File's _______ is a unique tag identifies the file within the file system.

identifier

The garbage collection is necessary _____

in general graph directory structure only

Interrupt chaining

is a compromise between the overhead of a huge interrupt table and the inefficiency of dispatching to a single interrupt handler

(WAFL) Write Anywhere File Layout

is a distributed file system

NFS (Network File System)

is not fully consistent with UNIX Semantics.

A control register in an I/O device control

is read by the host to get input.

Mounting a file systems means that:

is the only user who can execute the file.

The file owner:

is the user who can change the file attributes and grant access to the file.

With _______ locking, once a process acquires an exclusive lock, the operating system will prevent any other process from accessing the locked file.

mandatory

What capability is not used by Linux?

mapped

The current directory is

may be included in the search path

A full bootstrap program

may be infected by viruses.

To further optimize I/O performance, some SSD schedulers

merge adjacent write requests but not adjacent read requests.

Disk scheduling algorithms in operating systems consider only seek distances, because

modern disks do not disclose the physical location of logical blocks.

If a few bits in an HDD sector or NVM page are corrupted, the controller can recover the correct values using ECC only if

number of bits corrupted is low irrespective of where the corruption occurs in the sector/page.

In the two-level directory, if a user refers to a particular file then__________________

only his/her own UFD (user file directory) is searched

When the exclusive lock is applied to a file then _____________

only one process can use this file

What steps are necessary to create a file?

option 1 and 2

Unified virtual memory uses _____________ to cache both process page and file data

page caching

________ is a type of social-engineering attack, in which a legitimate-looking e-mail misleads a user into entering confidential information.

phishing

In polling I/O, the main inefficiency comes from

polling when it is attempted repeatedly yet rarely finds a device ready for service.

Component that measures elapsed time and to trigger operations is called a

programmable interval timer.

DRAMs are now commonly used for mass data storage, because

programs can share data easily when using RAMs.

Buffering in I/O is used to

provide adaptations for devices that have different data-transfer sizes. cope with a speed mismatch between the producer and consumer of a data stream. support copy semantics for application I/O.

Difference between sector sparing and sector slipping is

sector sparing results in copying of a single sector while sector slipping may result in copying of multiple sectors.

What are the two components of positioning time?

seek time + rotational latency

The SCAN scheduling algorithm ____.

services the request next to the current head position in the direction of the head movement

When the shared lock is applied to a file then ____________

several processes can acquire the lock concurrently

Manipulating files through memory rather than using the read() and write() system calls_________________

simplifies and speeds up file access and usage

ACL (access-control list) is associated with each file and directory. It

specifies user names and types of access allowed for each of them

IPSec uses ______ encryption.

symmetric

In a blocking system call, the execution of a process is suspended

the I/O has completed.

A relative path name defines a path from_________________________

the current directory

Number of sectors per track increases as we move from inner zone to outer zone, because

the drive can increase its rotation speed as the head moves from the outer to the inner tracks.

Because all file systems suffer from internal fragmentation, the following relation is true:

the larger block size, the greater the internal fragmentation

User authentication can be based on_______________

the users knowledge of something

A current trend in I/O device technology and I/O subsystem is

there is an increasingly broad variety of I/O devices.

The surface of a magnetic disk platter is divided into ____.

tracks

A Flash Translation Layer

tracks which physical block contains only valid pages

Escape (or back door) in application I/O interface

transparently passes arbitrary commands from an application to a device driver.

TLS provides security at the _______ layer.

transport

UNIX operating system associates a protection domain with the ____.

user

IBM's indexed sequential access method (ISAM)__________________________.

uses a small master index (kept in memory) that points to disk blocks of a secondary index, while the secondary index blocks point to the actual file blocks

Which UNIX inodes and/or vnodes used by the Virtual File System (VFS) have a file representation structure?

vnodes are wide network unique file designators.

The basic file systems _______________

reads and writes physical blocks on the storage device.

Stateless File Servers:

require that each client request is self-contained, i.e., all information needed to locate the file and perform the requested operation is given.

In file systems consistent with UNIX semantics:

writes to a file by a user are immediately visible to other users that have this file open.

IPSs (Intrusion Prevention Systems) can detect zero-day attack if they employ_____________

(option2) anomaly detection

The following characteristics of disks make them convenient for being the secondary storage:

-a disk can access directly any block of information it contains -it is possible to read a block from the disk, modify the block, and write it back into the same place

If a current directory is /home /user/jane and then the propose path to file /home/user /mike/prog.c is_____________________

../mike/prog.c

______________ virus changes each time it is installed to avoid detection by antivirus software.

A polymorphic

The ability to copy an access right from one domain to another may be realized as follows

A right R is copied from domain A to domain B and R is removed from domain A. The right R could be copied from domain B to another domain.

Which of the following is TRUE about a serial port controller and a fibre channel (FC) bus controller?

A serial-port controller is a simple device controller, while an FC bus controller is complex.

Which of the following is an advantage of compiler-based enforcement of access control?

Access privileges are closely related to the linguistic concept of a data type.

The following information is presented for the prog.c -rwxr-xr-- 1 Jim staff 130 May 25 22:13 prog.c Users Jim, Sara and Mike are the members of the group staff

Alan can read prog.c

Which of the following principles is used to improve the efficiency of I/O?

All of the options.

Which of the following is FALSE about Storage Area Networks?

Allocation of storage to hosts is static.

Which of the following is TRUE about managing defective blocks?

Controllers can be instructed to replace a bad block by moving all sectors following the defective sector one sector forward until a spare sector is reached. Low level formatting can set aside spare sectors not visible to the operating system. Defective blocks can be handled by OS by ensuring that the file system doesn't allocate those blocks.

Consider a disk queue holding requests to the following cylinders in the listed order: 116, 22, 3, 11, 75, 185, 100, 87. Using the SCAN scheduling algorithm, what is the order that the requests are serviced, assuming the disk head is at cylinder 88 and moving upward through the cylinders?

100 - 116 - 185 - 87 - 75 - 22 - 11 - 3

A hard disk drive has 16 platters, 8192 cylinders, and 256 4KB sectors per track. The storage capacity of this disk drive is at most

128GB

A two-level directory can be thought as a tree of height _________

2 and its root is MFD

What is the size of the bit vector of a 1TB disk with 512-byte blocks?

2^8mb

Using ____-bit pointers limits the size of a file to 4 GB.

32

RAID level ____ is the most common parity RAID system.

5

Consider a disk queue holding requests to the following cylinders in the listed order: 210, 67, 11, 99, 87, 90, 19, 150. Using the C-SCAN scheduling algorithm, what is the order that the requests are serviced, assuming the disk head is at cylinder 88 and moving upward through the cylinders?

90 - 99 - 150 - 210 - 11 - 19 - 67 - 87

An I/O system call does not include

CPU speed.

Solid state disks (SSDs) commonly use the ___________ disk scheduling policy.

FCFS

Which of the following disk head scheduling algorithms does not take into account the current position of the disk head?

FCFS

A maskable interrupt can never be disabled.

False

A track is the smallest unit of data transfer in a hard disk drive.

False

A virus is a fragment of code embedded in a malware.

False

An expansion bus is used to connect relatively high speed devices to the main bus.

False

Android cannot provide the same level of protection as UNIX, because it is not able to separate users.

False

Data striping provides reliability for RAID systems.

False

Disk controllers do not usually have a built-in cache.

False

Domains cannot share access rights

False

For counting method (used by free space management), the entries in the free-space list can be stored in a linked list, rather than a balanced tree, for efficient lookup, insertion, and deletion.

False

In a symmetric encryption algorithm, one key is used to encrypt and a different one is used to decrypt.

False

In asynchronous replication, each block is written locally and remotely before the write is considered complete.

False

In tree-structured directory the search path always contains "the current directory"

False

Is the set of the file's attributes the same for each operating system?

False

Role-based access control (RBAC) increases the security risterm-171k associated with superusers.

False

SCAN disk head scheduling offers no practical benefit over FCFS disk head scheduling.

False

Sequential access to a file is based on a disk model of a file.

False

Solaris ZFS file system never overwrites blocks with new data.

False

Storage devices that do not allow overwrite (such as NVM devices) need only the free list for managing free space.

False