Chapter 6, 7, Chapter 17, Chapter 16, Chapter 12, Chapter 11, 13, 14, 15, Chapter 10, Chapter 9, Chapter 8, Chapter 5, Chapter 3, Chapter 4, Chapter 1,2, Appendix A Operating Systems

o Briefly explain what a zero-day attack is and why it is a problem

Attacks that have not been seen before and therefore cannot be detected via their signatures.

Under what circumstances do page faults occur? Describe the actions taken by the operating system when a page fault occurs.

A page fault occurs when a requested page isn't in memory. The OS typically will bring in the page from memory and restart the instruction.

o explain how a sector is related to a track, and then how a track is related to a cylinder in multiple disk hard drive

Sectors are subdivisions, usually of equal size, of a track. The surface of a platter is logically divided into circular tracks. The set of tracks at a given arm position make up a cylinder.

o explain or show in code how a semaphore locking system might be used to protect a critical section

A semaphore is basically a counter and a lock at once. A binary semaphore can only have the value 0 or 1. A counter semaphore can be used to control access to a given resource consisting of a finite number of instances. The semaphore works by initializing itself to the number of resources available. If something wants to use a resource, then a wait happens. When a process releases a resource, it posts/signals it. When the count goes to 0, all resources are being used. After that, processes that wish to use the resource will block until the count becomes greater than 0.

o Briefly explain how a secure by default strategy minimizes a system's attack surface

Based on Solaris 10: many services are disabled when it is installed and have to be specifically enabled by the system admins. This reduces the attack surface because the more "open" a system is, the more likely there is to be a bug to exploit.

Consider a logical address space of 64 pages of 1,024 words each, mapped onto a physical memory of 32 frames. How many bits are there in the logical address? How many bits are there in the physical address?

1,024 words each = 2^10. There are 64 pages = 2^6. There are 32 frames = 2^5.
A) 16 bits (10 + 6)
B) 15 bits (10 + 5)

Consider a logical address space of 256 pages with a 4-KB page size, mapped onto a physical memory of 64 frames

256 -> 2^8 :: 4 KB -> 2^12 :: 64 -> 2^6
How many bits are required in the logical address? 8 + 12 = 20 bits
How many bits are required in the physical address? 12 + 6 = 18 bits

Consider a computer system with a 32-bit logical address and 8-KB page size. The system supports up to 1 GB of physical memory. How many entries are there in each of the following?

A conventional, single-level page table: 2
An inverted page table: 2^29/2^12 = 2^17

consider a computer system with a 32-bit logical address and 4-KB page size. The system supports up to 512 MB of physical memory. How many entries are there in each of the following?

A conventional, single-level page table: 2^32/2^12 = 2^20
An inverted page table: 2^29/2^12 = 2^17

o explain why a system might need to relinquish or revoke access rights, and provide an example

A system might need to revoke access rights when an object might actually be a virus with access to permissions that could destroy the computer. Or it could be because a user changed something that the admin is not happy about and may need to revoke access since they are not trusted anymore.

Assume that you have a page-reference string for a process with m frames (initially all empty). The page-reference string has length p, and n distinct page numbers occur in it. Answer these questions for any page-replacement algorithms: a. What is a lower bound on the number of page faults? b. What is an upper bound on the number of page faults?

A) n B) p

o with respect to Access Matrices, explain the difference between an Access List for Objects and a Capability List for Domains

Access Lists: when you ask for the object, there's a manager to authenticate permission to use and access it. It's usually on a managing device, i.e. a server.
Capability List: list of objects together with the operations allowed on those objects. An object is represented by its physical name or address, called a capability. It is a protected object maintained by the OS and only accessed indirectly. Generally on your own computer.

o Briefly explain a port scanning process

An automated tool meant to identify known vulnerabilities. This can help figure out what OS is being used. It can provide much more information as well, such as what firewalls are defending the target. Find a free port to get access!

o explain the difference between a block device interface and a character device interface

Block device interface - captures all aspects necessary for accessing disk drives and other block-oriented devices. A device is expected to understand read and write commands. If it is a random-access device, then seek as well.
Character device interface - the interface for I/O to character devices (like keyboards).

o define the terms: CPU utilization, throughput, turnaround time, waiting time, and response time

CPU utilization: How much the CPU is being used. About 40% for a lightly loaded system and about 90% for a heavily loaded one.
Throughput: number of processes that are completed per time unit.
Turnaround time: interval from the time of submission of a process to the time of completion. Sum of the periods spent waiting in the ready queue, executing on the CPU, and doing I/O.
Waiting time: CPU scheduling affects the time a process spends waiting. Sum of the periods spent waiting in the ready queue.
Response time: the time it takes to start responding, not the time it takes to output the response.

o briefly describe and/or compare contiguous allocation, linked allocation, and/or indexed allocation, and provide an example

Contiguous allocation - requires that each file occupy a set of contiguous blocks on the device. This will lower the head movement when accessing block b+1 after block b.
Linked allocation - each file is a linked list of storage blocks; the blocks may be scattered anywhere on the device.
Indexed allocation - solves the problem of linked allocation having blocks all over the disk by bringing all the pointers together into one location: the index block. Each file has its own index block, which is an array of storage block addresses.

o briefly explain the concepts of concurrency and synchronization and how they contribute to Operating System actions

Concurrency is multiple things being executed at the same time. They don't necessarily have to be running in parallel, it can be something as simple as a process being paused midway so that another process can start and context switching between them.

o Explain the commonalities and differences between breach of confidentiality, breach of integrity, breach of availability, theft of service, denial of service (quiz question will likely just have two or three of these)

Confidentiality: unauthorized reading of data or theft of information. Capturing secret data from a system or a data stream.
Integrity: unauthorized modification of data. Can result in passing of liability to an innocent party or modification of code.
Availability: unauthorized destruction of data. Website defacement is an example.
Theft of service: unauthorized use of resources. An intruder or intrusion program (think of bitcoin miners using up resources to mine).
Denial of service: preventing legitimate use of the system.

o identify and describe three types of OS operations that might occur with a file

Creating a File - two steps are required. First, space in the file system must be found for the file. Second, an entry for the new file must be made in a directory.
Deleting a File - we search the directory for the named file, release all file space so that it can be reused by other files, and erase or mark as free the directory entry.
Writing a File - make a system call specifying both the open file handle and the information to be written to the file. The system must keep a write pointer to the location in the file where the next write is to take place if it is sequential. The pointer must be updated whenever a write occurs.

o Briefly explain a denial of service attack (or distributed DOS) and explain what a zombie computer is and how it is used for these attacks

DDOS: attacking a server so that it gets slowed down and is so overwhelmed with requests that it cannot be accessed.
Zombie computer: The malicious party will use an unsuspecting person's computer to launch the attack so that they will not have a trace leading back to them and will make it harder.

describe how DMA (direct memory access) works and what "cycle stealing" means

DMA - the host writes a DMA command block into memory. It contains a pointer to the source of a transfer, a pointer to the destination, and a count of the number of bytes to be transferred. It operates the memory bus directly. When the entire transfer is finished, the DMA controller interrupts the CPU.
Cycle stealing - when the DMA controller seizes the memory bus, the CPU is momentarily prevented from accessing main memory, although it can still access data items in its caches.

o Briefly explain the difference between a digital signature authentication algorithm and a digital certificate strategy

Digital signature authentication algo: enables anyone to verify the authenticity of the message. It is not possible to get a private key from a public key.
Digital certificate strategy: public key digitally signed by a trusted party. The trusted party receives proof of identification from some entity and certifies that the public key belongs to that entity.

o analyze and explain the various paging algorithms such as FIFO, LRU, LFU, OPT, Clock, and MFU

FIFO (first in, first out): When a page must be replaced, the oldest page is chosen. Increasing the number of allocated frames also increases the page fault rate.
LRU (least recently used): Chooses the page that has not been used for the longest period of time.
LFU: The page with the smallest count is replaced.
OPT (optimal page transfer?): Replace the page that will not be used for the longest period of time. Guarantees the lowest possible page fault rate for a fixed number of frames. Difficult to implement because it requires future knowledge of the reference string.
Clock (second chance?)
MFU: The page with the highest count is replaced.

o Explain one or more of the following virus threats: file, boot, macro, source code, polymorphic, encrypted, stealth, tunneling, multipartite, armored, virus droppers

File: appends itself to a file. Changes the start of the program so that execution jumps to its code. It can go unnoticed since it returns control to the program once it is finished executing.
Boot: affects the boot sector of the system, executing every time the system is booted and before the operating system is loaded.
Macro: these are designed in high-level languages. Triggered when a program capable of executing the macro is run.
Source code: looks for source code and modifies it to include the virus and help spread the virus.
Polymorphic: changes each time it is installed to avoid detection by anti-virus software. It changes the virus signature rather than the functionality.
Encrypted: includes decryption code along with the encrypted virus to avoid detection. It will decrypt, then execute.
Stealth: tries modifying parts of the system that could be used to detect it. Example: it could modify the read system call so that if the file it has modified is read, the original form is returned rather than the infected one.
Tunneling: any virus that gets installed before an antivirus can detect it.
Multipartite: infects multiple parts of the system, including boot sectors, memory and files. Difficult to detect and detain.
Armored: hard for researchers to unravel and understand.
Virus droppers: inserts a virus into the system. It is usually a trojan horse, executed for other reasons but installing the virus as its core activity.

Given six memory partitions of 300 KB, 600 KB, 350 KB, 200 KB, 750 KB, and 125 KB (in order), how would the first-fit, best-fit, and worst-fit algorithms place processes of size 115 KB, 500 KB, 358 KB, 200 KB,and 375 KB (in order)?

First Fit: would put 115KB->300KB making it 185KB left. Then 500KB -> 600KB leaving 100KB. 258KB would be placed in 750KB leaving 392KB. 200KB -> 350KB leaving 150KB. 375-> 392KB

o explain the value of using tiered or hierarchical paging

Hierarchical paging: involves dividing a logical address into multiple parts, each referring to different levels of page tables. As addresses expand beyond 32 bits, the number of hierarchical levels may become large.

briefly explain the Dining Philosophers problem; describe some other real-world condition that would represent this problem

Philosophers and their forks... Use housekeepers as an example.

o explain how the book's test and set model works and why it must work as an atomic process

The model works by writing something to a memory location and returning its old value as a single atomic operation. It must work as an atomic process so that if two are executed simultaneously (each on a different core), they will be executed sequentially in some arbitrary order.

o explain what page hits and misses means, and what the consequences of each might be

If a page number is not in the TLB, address translation proceeds following the steps, where a memory reference to the page table must be made. The consequences would be that it must go through the full searching process instead of the quick table

o explain how SJF would work if it was configured as a preemptive strategy

If it was preemptive, it would allow processes that are shorter than the remaining time of the current process. A preemptive SJF algorithm will preempt the currently executing process. Also known as shortest remaining time first scheduling.

o explain or show in code how a mutex lock might be used to protect a critical section

If thread0 acquires a lock and goes into its critical section, then when thread1 comes to acquire the lock it won't be able to, because thread0 is still in the middle of its critical section, so thread1 is blocked from going into its own critical section.

Why might a system use interrupt-driven I/O to manage a single serial port and polling I/O to manage a front-end processor, such as a terminal concentrator?

Interrupts would be used because the I/O of a single serial port might be infrequent, and polling for long periods of time without finding anything would be inefficient. Infrequent. A system might use polling because something will be found frequently, so it will end up actually being efficient. There shouldn't be too many long periods of waiting, since polling is best used when it can check and find something most of the time. Frequent and short. Overhead will be less with polling.

o explain how the LOOK hard drive scheduling system is better than the FCFS hard drive scheduling system

It has better performance since there will be less seek time between each request since the head will continue moving from the first to the last request repeatedly. It has less waiting time because of this.

what kinds of actions the dispatcher need to conduct, and why they need to be conducted

It needs to: switch context from one process to another, switch to user mode, and jump to the proper location in the user program to resume that program. The dispatcher needs to work as fast as possible, since it is invoked during every context switch.

o Explain one or more of the following attacks: masquerading (or spoofing), replay attack, message modification, man-in-the-middle attack, session hijacking

Masquerading (spoofing): one participant in a communication pretends to be someone else (breach of authentication). Can gain access that they would not normally be allowed.
Replay attack: malicious or fraudulent repeat of a valid data transmission (example: someone could have a machine that reads the signal of a garage opener and then replays it to the garage to open it themselves).
Message modification: attacker changes data in a communication without the sender's knowledge (is it possible to intercept an email, change it, then have it continue to the recipient).
Man-in-the-middle attack: sits in the data flow of a communication, masquerading as the sender to the receiver, and vice versa. You could have the legitimate A and B sending messages to each other, but then C will come in with B's key, get that information from A and send it to B themselves. A thinks it is giving its message to B, and B thinks it's getting its message directly from A, but really C is an intruder facilitating the messages.
Session hijacking: an active communication session is intercepted.

o what the three parts of a solution to the critical section problem, and briefly explain each

Mutual Exclusion: If process P is executing in its critical section, then no other processes can be executing in their critical sections.
Progress: If no process is executing in its critical section and some processes wish to enter their critical sections, then only those processes that are not executing in their remainder sections can participate in deciding which will enter its critical section next, and this selection cannot be postponed indefinitely.
Bounded Waiting: there exists a bound, or limit, on the number of times that other processes are allowed to enter their critical sections after a process has made a request to enter its critical section and before that request is granted.

identify and describe the necessary and sufficient conditions for a deadlock to take place

Mutual Exclusion: at least one resource must be held in a nonshareable mode. If another thread requests the resource, the requesting thread must be delayed until the resource has been released.
Hold and Wait: a thread must be holding at least one resource and waiting to acquire additional resources that are currently being held by other threads.
No Preemption: Resources cannot be preempted; that is, a resource can be released only voluntarily by the thread holding it, after that thread has completed its task.
Circular Wait: A set of waiting threads must exist such that T0 is waiting for a resource held by T1, T1 is waiting for a resource held by T2, ..., Tn-1 is waiting for a resource held by Tn, and Tn is waiting for a resource held by T0.

o explain and compare the principles of locality, temporal and physical

Locality: as a process executes, it moves from locality to locality. A locality is a set of pages that are actively used together. Temporal: Physical:

Why is it important to scale up system-bus and device speeds as CPU speed increases?

Only scaling one up won't increase the overall speed of everything since one part will keep getting faster but the other one will stay the same.

o identify and describe the three commonly-used strategies for handling deadlock conditions

Prevention: provides a set of methods to ensure that at least one of the necessary conditions cannot hold.
Avoidance: requires that the operating system be given additional information in advance concerning which resources a thread will request and use during its lifetime. The OS can decide for each request whether the thread should wait. The system must consider the resources currently available, the ones currently allocated to each thread, and the future requests and releases of each thread.
Detection: Determine whether a deadlock has occurred and provide an algorithm to recover from the deadlock.

identify and explain one strategy for managing recovery from a deadlocked condition

Process and Thread Termination: The system reclaims all resources allocated to the terminated process.
Abort all deadlocked processes: This will break the deadlock cycle. The processes may have computed for a long time, and the results of these partial computations must be discarded and probably will have to be recomputed later.
Abort one process at a time until the deadlock cycle is eliminated: incurs considerable overhead, since after each process is aborted, a deadlock-detection algorithm must be invoked to determine whether any processes are still deadlocked.

o explain how the SCAN hard drive scheduling algorithm is better than the SSTF scheduling system

SSTF - Shortest Seek Time First - services next the request which requires the least head movement from its current position, regardless of the direction. SCAN is better than SSTF in the sense that it has a lot less overhead than SSTF, since SSTF has to find out the closest request each time. There is a chance of starvation with SSTF that SCAN doesn't have, since it will always be going back and forth on the disk. SCAN also only goes in one direction until it reaches the end of the disk, while SSTF can end up slowing down with more frequent changes in head direction.

o Briefly explain the difference between a security threat and an attack

Security threat: there is the potential for a security violation.
Attack: an attempt to break security.

o Briefly explain the defense in depth strategy of system defense; provide a non-computer-related example

System defense: Non computer example:

o briefly explain the bounded buffer problem; describe some real-world condition that would represent this problem

The bounded buffer problem is when you have multiple processes that are adding and removing values from a buffer of N size.

What are the various kinds of performance overhead associated with servicing an interrupt?

The first type of overhead involves having a save state being created for the process that got interrupted. There are different types of interrupt services at once too, so the instructions for any given process can end up having to be brought in, then taken out when finished. This then creates more overhead, as the original process now needs to have its instructions brought back in and also restored. These create overhead since modern systems can be handling hundreds of interrupts at any given moment.

o Briefly describe what VFS and NFS are, and explain how they might be used in a given computing system

VFS - Virtual File Systems: Separates file system generic operations from their implementation by defining a clean VFS interface. It provides a mechanism for uniquely representing a file throughout a network. Based on a file representation structure, called vnode, that contains a numerical designator for a network-wide unique file. Distinguishes local files from remote ones.
NFS -

List three examples of deadlocks that are not related to a computer system environment.

There is one washer and one drying machine to be shared among two housekeepers. A worker needs both a washer and dryer before they can use it. A deadlock can happen if one worker claims the washer but the other claims the dryer. Since they need both machines to do their work, but they are both claimed, they are stuck and cannot do their work. They are now waiting for each other to finish their work that can't be done.
There is a certain bridge that allows only one car at a time from one direction. If two cars enter the bridge from opposite directions, then there will be a deadlock, as there is no room for either of them to go through.

o explain how page tables are used to access memory

They take the logical address and convert it to a physical address in three steps:
Extract the page number p and use it as an index into the page table.
Extract the corresponding frame number f from the page table.
Replace the page number p in the logical address with the frame number f.

How does DMA increase system concurrency? How does it complicate hardware design

Transfers can continue happening even if the CPU is currently in the middle of executing something. Design is complicated because the DMA may need to do cycle stealing since it needs control of the memory bus as well.

o Explain one or more of the following program threats: Trojan horse, trap door, back door, logic bomb, stack/buffer overflow

Trojan horse: A program that acts in a malicious manner, rather than simply performing its stated function. A mobile app is meant to function as only a flashlight, but it is also tracking a user's input and sending it to a malicious party.
Trap door/back door: designer leaves a hole in the software that only they are capable of using. Example: embezzling from banks by including rounding errors in their code and having the occasional half cent credited to their account.
Logic bomb: back door that can only operate under a specific set of logic conditions. Example: one network admin had a destructive reconfiguration of his company's network execute when his program detected that he was no longer employed at the company.
Stack/buffer overflow: When something is trying to access or allocate outside a set of bounds. Examples: infinite recursion, trying to reach an index out of bounds of an array.

o describe virtual memory, pre-paging, demand paging, page management and replacement

Virtual memory: involves the separation of logical memory as perceived by developers from physical memory. Allows an extremely large virtual memory to be provided for programmers when only a smaller physical memory is available. The programmer does not need to worry about the amount of physical memory.
Demand paging: load pages only as they are needed. Similar to a paging system with swapping. Loads only the portions of programs that are needed.

o explain how swapping supports effective memory management

can allow the total physical address space of all processes to exceed the real physical memory of the system.

o define the concept of protection as pertains to a computer

controlling the access of processes and users to the resources defined by a computer system. Processes in an OS must be protected from one another's activities. Uses mechanisms to ensure that only processes that have gained proper authorization from the OS can operate on resources.

o briefly describe the mirroring process for a RAID system

duplicate every drive. A logical disk consists of two physical drives, and every write is carried out on both drives. If one of the drives in the volume fails, the data can be read from the other.

o explain the meaning of using a sandbox in computers, and provide an example

Enforcing strict limitations on a process.
Example: Java and .NET enforce sandboxing at the level of their virtual machines. This is probably since the virtual machine does not need to access more than what the program entails, to protect it from accessing protected items.

o analyze page faults and the management related to this issue

Page faults are accesses to a page marked invalid. It is important to be able to restart any instruction after a page fault. An example could be using ADD on A and B and storing the result in C. If we fault trying to store to C because it's in a page not currently in memory, then we can get the page, bring it in, correct the page table and restart the instruction. We have to fetch the instruction again when restarting an instruction. When one instruction may modify several different locations: Attempt to access both ends of both blocks so that if a fault occurs, it will happen at this step before anything is modified. Use temporary registers to hold the values of overwritten locations.

o analyze and explain page replacement policies

page replacement looks for a frame not being used and frees it. The freed page can now hold the page for which the process faulted. To decrease they make use of a modify/dirty bit. If a modify bit has been set that means the process has been modified since it has been read from memory. If it does not have the bit then the page has not been modified since its read. In this case, we need not write the memory page to storage: it is already there. This also applies to read only pages. They cannot be modified so they can be discarded when desired

o explain the difference between a policy and a mechanism and provide an example

Policy: decide what will be done.
Mechanism: how something will be done.
Policies are the rules and mechanisms are the ones who decide how to enforce the rules.

o briefly explain what a race condition is, and provide an example

An issue when two+ threads/processes are manipulating shared data without protection. This is because while something like count++ may seem like an atomic expression, at machine level it is multiple steps that can happen in different orders and cause "lost" data because of context switching. Several processes access and manipulate the same data concurrently, and the outcome of the execution depends on the particular order in which the access takes place. Example: Two threads are trying to increment and decrement the same variable.

o explain how valid and invalid bit controls are used in memory management

It is one additional bit attached to each entry in the page table. When it is valid, the associated page is in the process's logical address space and is a legal page. When a bit is invalid, the page is not in the process's logical address space. Illegal addresses are trapped by use of the valid-invalid bit.

o for purposes of using an Access Matrix, explain what the Domain component is or represents, and explain what the Object component is or represents

It is what determines the privileges an object has. A process executing in domain Di can access only those objects specified in row i, and then only as allowed by the access matrix. The domain is what privileges a process can have, and the objects in the same row as a domain are the only things the process can access.

o explain how the SSTF hard drive scheduling algorithm is better than the LOOK hard drive scheduling system

LOOK - similar to SCAN except that it scans all the cylinders of the disk starting from the first request at one end to the last request at the other end. It does not have the head move till the ends of the disk when there are no requests to be serviced. SSTF can be better in that there will be less waiting time from request to request since it goes directly to the one with the shortest seek time.

Consider the following page-replacement algorithms. Rank these algorithms on a five-point scale from "bad" to "perfect" according to their page-fault rate. Separate those algorithms that suffer from Belady's anomaly from those that do not. a. LRU replacement b. FIFO replacement c. Optimal replacement d. Second-chance replacement

LRU: 2, NO ANOMALY
FIFO: 4, YES ANOMALY
OPTIMAL: 1, NO ANOMALY
SECOND-CHANCE: 3, YES ANOMALY

Assuming a 1-KB page size, what are the page numbers and offsets for the following address references (provided as decimal numbers):

Page number: address / page size (integer)
Page offset: address % page size
3085 2^11 offset: 1037
42095
215201
650000
2000001

o Identify and explain the four levels of protection for a system, which include physical, human, operating system, and network

Physical: Sites containing the computer systems must be secured. Machine rooms, terminals, or computers that have access must be secured, i.e. making a room with such systems accessible only with a keycode known only to those allowed in.
Human: Any person that has access to such systems must be trusted to not expose the systems to unauthorized parties.
OS: Must be kept up to date so that any vulnerabilities get patched to decrease the attack surface and avoid penetration.
Network: Must make sure that communications will not be intercepted or interrupted (DOS).

o identify and explain two strategies for preventing deadlock

Preventing hold and wait: must guarantee that, whenever a thread requests a resource, it does not hold any other resources. One protocol requires each thread to request and be allocated all its resources before it begins execution (impractical). An alternative protocol allows a thread to request resources only when it has none. A thread may request some resources and use them. Before it can request any additional resources, it must release all the resources that it is currently allocated.
No preemption: If a thread is holding some resources and requests another resource that cannot be immediately allocated to it, then all resources the thread is currently holding are preempted. These resources are implicitly released. The thread will be restarted only when it can regain its old resources, as well as the new ones that it is requesting. Alternative: if a thread requests some resources, we first check whether they are available. If they are, we allocate them. If they are not, we check whether they are allocated to some other thread that is waiting for additional resources. If so, we preempt the desired resources from the waiting thread and allocate them to the requesting thread. If the resources are neither available nor held by a waiting thread, the requesting thread must wait. While it is waiting, some of its resources may be preempted, but only if another thread requests them. A thread can be restarted only when it is allocated the new resources it is requesting and recovers any resources that were preempted while it was waiting.

o Briefly but clearly explain the difference between protection and security; provide an example that distinguishes between the two

Protection: set of mechanisms that control the access of processes and users to the resources defined by the computer system. Example: People need a password to log into their bank account and manage their finances.
Security: measure of confidence that the integrity of a system and its data will be preserved. Example: Banks ensure that users will be able to have access to their finances and won't lose money.

What is the effect of allowing two entries in a page table to point to the same page frame in memory? Explain how this effect could be used to decrease the amount of time needed to copy a large amount of memory from one place to another. What effect would updating some byte on one page have on the other page?

Reentrant code is code that can be shared and is non-self-modifying. It never changes during execution. Thus, two or more processes can execute the same code at the same time. They only need to access a copy of a shared library. It would affect the time needed to transfer a large amount of memory because that is some memory you don't need to transfer each time. The point of reentrant code is that it's read-only so updating some byte on one page

o given the code, show the results of implementing Peterson's solution in a specific situation

Restricted to two processes that alternate execution

o Briefly explain the difference between risk assessment and penetration testing

Risk assessment: attempts to value the assets of the entity in question and determine the odds that a security incident will affect the entity and decrease its value.
Penetration testing: entity is scanned for known vulnerabilities.

o explain how the FCFS hard drive scheduling algorithm is better than the SCAN scheduling system

SCAN scheduling works by starting at one end of the disk and moving toward the other end, servicing requests as it reaches each cylinder until it gets to the other end of the disk. FCFS is better than SCAN scheduling because FCFS is more fair and processes each request as it comes in, while SCAN will be unfair to requests that come in behind the disk arm as it's getting to the other side.

o explain the potential difficulties with removing access to a resource

With capabilities, they are distributed throughout the system so we must find them before we can revoke them. Other issues include not knowing:
Immediate versus delayed: is it immediate or delayed, and if delayed, do we know when that will be?
Selective versus general: will revoked rights affect all users who have an access right to the object, or can we specify a select group of users?
Partial versus total: can a subset of rights be revoked, or must all rights be revoked?
Temp vs perm: can an object get back the rights in the future, or is it forever denied?

o identify and explain the main strategy for avoiding deadlock

With the knowledge of the complete sequence of requests and releases for each thread, the system can decide for each request whether the thread should wait in order to avoid a possible future deadlock. Each request requires that in making this decision the system consider the resources currently available, the resources currently allocated to each thread, and the future requests and releases of each thread.

o Explain how a worm might be used to attack computers, and how grappling hook code is used

Worm: uses a network to replicate without any help from humans
Grappling hook code:

o briefly explain the Readers-Writers problem; describe some real-world condition that would represent this problem

Writers need exclusive access so that readers aren't reading old values that are no longer true. An example of this could be that a shop only has N amount of one product for sale. A reader would need to go and check to make sure that there is still product available, while a writer needs to go in and either set N amount of the product to sold or back to available if someone cancels their order.

o describe a bus on a computer and how any of the various buses work

A bus is a set of wires and a rigidly defined protocol that specifies a set of messages that can be sent on the wires.
PCIe bus - connects the processor-memory subsystem to fast devices. Flexible bus that sends data over one or more lanes. A lane is composed of two signaling pairs, one pair for receiving data and the other for transmitting. Each lane is then made of 4 wires, and each transports data packets simultaneously in both directions.
Expansion bus - connects relatively slow devices: keyboard and serial and USB ports.
SAS (serial attached SCSI) - disks connected together

o explain the value and/or use of a device driver

A driver provides uniform access to various devices and manages I/O to those devices.

o explain Role Based Access Control and provide an example

A method of access control in which roles rather than users have access rights; applies the principle of least privilege to the protection of the OS.
Windows Active Directory is a service for managing permissions to network resources. From it you can specify who has control over operations to create, edit, and delete different types of DNS resources. Users are restricted to a premade set of instructions. Can specify privileges at various levels.

o explain the difference between a standard paging system and an inverted page table system

An inverted page table has one entry for each real page of memory. Each entry consists of the virtual address of the page stored in that real memory location, with information about the process that owns the page. Thus, only one page table is in the system, and it has only one entry for each page of physical memory.

o explain the difference between internal and external fragmentation; provide examples as needed

External fragmentation: memory space is broken into little pieces. Exists when there is enough total memory space to satisfy a request, but the available spaces are not contiguous.
Internal fragmentation: memory allocated to a process may be slightly larger than the requested memory. Unused memory that is internal to a partition.

o explain how FCFS scheduling works, identify the benefit of using FCFS, and identify a problem with using FCFS

First come first serve, nonpreemptive.
Simple to write and understand.
Average waiting time is often quite long. Troublesome for interactive systems where it is important that each process gets a share of the CPU at regular intervals.

o explain commonalities and differences between first fit, next fit, worst fit, and best fit

first fit - first fit finds the first block of memory that is big enough to hold the requested memory
next fit ?
worst fit - worst fit finds the biggest block of memory in the list and puts the requested memory into it. This needs to search the entire memory
best fit - best fit finds the smallest block of memory that can fit the requested memory. This needs to search the entire memory

o analyze and describe thrashing and discuss methods of resolving this issue

High paging activity. A process is thrashing if it is spending more time paging than executing.

o explain how an inverted page table is different from a standard page table

In standard, every page has its own table
Inverted:

o explain the value and/or use of a device controller

It can operate a port, bus or a device.

o explain how a TLB is used, how it would access paged data, and why it is helpful (or not)

It consists of a key and a value. When the associative memory is presented with an item, the item is compared with all keys simultaneously. If the item is found, the corresponding value field is returned. The search is fast, essentially adding no performance penalty. The TLB must be kept small, but certain methods can double the number of TLB entries available. With tables, the MMU checks if its page number is present in the TLB. If it is, its frame number is immediately available and is used to access memory.

o explain how language-based protection is implemented, and provide an example using the Java programming language

It may provide standard protected procedures to interpret software capabilities that would realize the protection policies that could be specified in the language. Can provide software for protection enforcement when automatic hardware-supported checking is unavailable.
Java: one feature of Java is that it can support loading untrusted classes. Thus, protection is handled by the JVM. It will load a class and assign it to a protection domain. This depends on whether the class comes from a trusted domain or not. Classes loaded from an untrusted server might have no file access permissions at all.

o explain the principle of least privilege, and provide an example that is not related to computers

Least privilege: dictates that programs, users, and even systems be given just enough privileges to perform their tasks.
Students don't have the privilege to grade papers, look at other people's grades, or enforce rules since they are at school to learn. It is the teachers who have the higher privilege to do so.

o explain the difference between logical and physical memory addressing (paging, segmenting, and combinations)

Logical memory is usually on the user end and is a simpler way for a user to work with memory without having to touch actual addresses. When the memory needs to be accessed, changed or needed in any way, it needs to be converted into physical memory.
Physical memory is where the data is actually stored in memory.

o briefly explain the difference between preemptive and non-preemptive scheduling

Nonpreemptive scheduling: once the CPU has been allocated to a process, the process keeps the CPU until it releases it either by terminating or by switching to the waiting state. Ensures the kernel will not preempt a process while the kernel data structures are in an inconsistent state.
Preemptive scheduling: can result in race conditions when data are shared among several processes. Requires mutex locks to prevent race conditions.

o describe pages, frames, and page tables, and identify the relationship between each of them

pages: breaking logical memory into blocks of the same size. Page sizes are usually a power of 2, ranging from 4 KB to 1 GB
frames: breaking physical memory into fixed-sized blocks
page tables: contains base address of each frame in physical memory, and the offset is the location in the frame being referenced
relationship: when a process is created, its pages are loaded into any available memory frames from their source.

o describe the difference between polling and interrupting, and provide examples from either computer or non-computer situations

Polling: it is in a loop, reading the status register over and over until the busy bit becomes clear.
Example: Let's say there's a vending machine that has a system in place to automatically withdraw the money from the machine to a separate location continuously. The machine cannot dispense the money if there is currently $0 in the machine. The creators made it so the machine is constantly checking the state of its money until it finds that it's >$0. This is polling since it keeps checking and waiting until there is money available.
Interrupting: the device controller raises an interrupt by asserting a signal on the interrupt request line, the CPU catches the interrupt and dispatches it to the interrupt handler, and the handler clears the interrupt by servicing the device. Basically, when an interrupt happens the current state is saved, then the interrupt action passes, and then the original action before the interrupt continues.
Example: building on the previous example, instead of continuously checking, the thread will instead get interrupted when money is added, the current state is saved, then the interrupting action will be money dispensed into the machine. Once the original state is restored, it can continue now that money has been added. This way it doesn't have to keep polling.

o explain how RR scheduling works, identify the benefit of using RR, and identify a problem with using RR

Round robin. Similar to FCFS but preemption is added to enable the system to switch between processes. The queue is circular but also like a FIFO queue. The CPU scheduler picks the first process from the ready queue, sets a timer to interrupt after X time quantum and dispatches the process.
This will allow all processes to at least be run once so that a few won't get stuck at the end with the possibility of never running.
Average waiting time is often long.

o explain how SJF scheduling works, identify the benefit of using SJF, and identify a problem with using SJF

Shortest job first.
It gives the minimum average waiting time.
Can't be implemented at the level of CPU scheduling, as there is no way to know the length of the next CPU burst.

o briefly describe the striping process for a RAID system

Splitting the bits of each byte across multiple drives. If we have an array of 8 drives then bit i of each byte will be written to drive i. Every drive participates in every access (read or write), so the number of accesses that can be processed per second is about the same as on a single drive, but each access can read eight times as many data in the same time as on a single drive. This can work as blocks instead of bytes.

o briefly describe the difference between a two-level directory structure and a tree structured directory

Two-level directory - each user has his own user file directory (UFD). Each lists only the files of a single user. When a user refers to a particular file, only his UFD is searched.
Tree structure - a generalization that allows users to create their own subdirectories and to organize their files accordingly. It has a root directory and every file in the system has a unique path name.

o explain deadlock and provide a representative example that may or may not be related to a computing system

two or more processes are waiting indefinitely for an event that can be caused only by one of the waiting processes. One example could be you have thread0 which is in charge of adding money to an account and thread1 which is in charge of withdrawing money from an account. Let's say that the two threads share one lock. In thread1 we have it so it will acquire the lock, but if the money in the account is 0 then it must wait. This will create a deadlock whenever the account balance is zero because it didn't release the lock before waiting for the balance to go above zero so now the depositor thread won't be able to go to its critical section.

