Final Review
What are the three parts of a solution to the critical section problem and briefly explain each.
1) Mutual Exclusion - If a process is executing in its critical section, then no other process can execute in their critical section. 2) Progress - If no process is executing in its critical section and other processes wish to enter their critical sections, then those processes can decide which process enters their critical section next and this selection can't be postponed indefinitely. 3) Bounded Waiting - There exists a bound / limit on the number of times that other processes can enter their critical sections once a process has made a request to enter their critical section and before that request is granted.
Briefly explain the Readers-Writers Problem; Describe some real-world condition that would represent this problem.
A problem in which several threads/processes have shared access to a file or database • Readers: threads that only read the database • Writers: threads that both read the database and update it (write) • Two readers accessing the shared data simultaneously poses no problem • But, if a writer and another thread (either a reader or a writer) access the shared data simultaneously, problems can arise eg: A real-world example of the readers-writers problem is an airline reservation system • Readers: want to read flight information • Writers: want to make flight reservations • Potential problem: if readers and writers can access the shared data simultaneously then readers/writers may view flights as being available when they've actually just been booked • Solution: enforce mutual exclusion, whilst ensuring the system is fair (avoids starvation)
Explain why a system might need to relinquish or revoke access rights and provide an example
A system might need to revoke access rights when an object might actually be a virus with access to permissions that could destroy the computer. Or it could be because a user changed something that the admin is not happy about and may need to revoke access since they are not trusted anymore.
Briefly explain the bounded buffer problem; describe some real-world condition that would represent this problem
Any condition where a small group of something is stored in a constrained condition. Example - Air lock that lets in a certain number of people at a time. It can't open both doors at the same time It doesn't need to open the inner door if airlock is empty It doesn't need to open the outer door if airlock is full
Explain how buses are used by Operating Systems. Provide an example.
Buses are used to transmit data between separate parts of a computer system. Example - Memory bus which OS uses anytime it wants to access main memory.
Briefly explain the concepts of concurrency and synchronization and how they contribute to Operating System actions
Concurrency is multiple things being executed at the same time. They don't necessarily have to be running in parallel, it can be something as simple as a process being paused midway so that another process can start and context switching between them.
Explain the commonalities and differences between breach of confidentiality, breach of integrity, breach of availability, theft of service, denial of service (quiz question will likely just have two or three of these)
Confidentiality: unauthorized reading of data or theft of information. Capturing secret data from a system or a data stream. Integrity: unauthorized modification of data. Result in passing of liability to an innocent party or modification of code. Availability: unauthorized destruction data. Website defacement is an example Theft of service: unauthorized use of resources. An intruder or intrusion program (think of bit coin miners using up resources to mine) Denial of service: preventing legitimate use of the system.
Identify and describe three types of operations that might occur with a file.
Creating a file -1) Space must be available2) Allocation needs to be made3) File must be in directory Opening a file - Evaluate name and check access permissions. All operations except create and delete require a file open() first. If successful, the open call returns a file handle that's used as an argument in other calls. Writing to a file - Pointer is set in the file that's open and access permission needs to be written.
Briefly explain how the use of DMA impacts the CPU.
DMA helps relieve the burden of memory movement in the CPU because it offloads some of the burden in DMA controllers which work with the CPU in parallel.
provide one example of a computer or computing component that provides protection but not necessarily security for the computer
Fans to reduce heat
Briefly describe how indexed allocation can be superior to contiguous allocation, and provide an example
Indexed allocation - Allows for growth and change in a file Contiguous allocation - Difficult to change.
Explain one or more of the following attacks: masquerading (or spoofing), replay attack, message modification, man-in-the-middle attack, session hijacking
Masquerading (spoofing): one participant in a communication pretends to be someone else (breach authentication). Can gain access that they would not normally be allowed Replay attack: malicious or fraudulent repeat of a valid data transmission (example: someone could have a machine that reads the signal of a garage opener and the replays it to the garage to open it themselves) Message modification: attacker changes data in a communication without the sender's knowledge. (is it possible to intercept an email, change it, then have it continue to the recipient) Man-in-the-middle attack: sits in the data flow of a communication, masquerading as the sender to the receiver, and vice versa. You could have the legitimate A and B sending messages to each other but then C will come in with B's key and get that information from A and sending it to B themselves. A thinks it is giving its message to B, and B thinks it's getting its message directly from A but really C is an intruder facilitating the messages. Session hijacking: active communication session is intercepted
Identify and explain the four levels of protection for a system, which include physical, human, operating system, and network
Physical: Sites containing the computer systems must be secured. Machine rooms, terminals, or computers that have access must be secured. I.e making a room with such systems only allowed in with a keycode only those allowed in know. Human: Any person that has access to such systems must be trusted to not expose the systems to unauthorized parties OS: Must be kept up to date so that any vulnerabilities get patched to decrease the attack surface and avoid penetration Network: Must make sure that communications will not be interception or interrupted (DOS).
identify and describe the three commonly-used strategies for handling deadlock conditions
Prevention: provides a set of methods to ensure that at least one of the necessary conditions cannot hold Avoidance: requires that the operating system be given additional information in advance concerning which resources a thread will request and use during its lifetime. The OS can decide for each request whether the thread should wait. The system must consider the resources currently available, the ones currently allocated to each thread and the future requests and releases of each thread. Detection: Determine whether a deadlock has occurred and provide an algorithm to recover from the deadlock
identify and explain one strategy for managing recovery from a deadlocked condition
Process and Thread Termination: The system reclaims all resources allocated to the terminated process Abort all deadlocked processes: This will break the deadlock cycle. The processes may have computed for a long time, and the results of these partial computation must be discarded and probably will have to be recomputed later Abort one process at a time until the deadlock cycle is eliminated: incurs considerable overhead, since after each process is aborted, a deadlock-detection algorithm must be invoked to determine whether any processes are still deadlocked.
Briefly but clearly explain the difference between protection and security; provide an example that distinguishes between the two
Protection: set of mechanisms that control the access of processes and users to the resources defined by the computer system Example: People need a password to log into their bank account and manage their finances Security: measure of confidence that the integrity of a system and its data will be preserved Example: Banks insure that users will be able to have access to their finances and wont lose money
Explain how the SCAN hard drive scheduling algorithm is better than the SSTF scheduling system.
SSTF - Shortest Seek Time First - services the quest next which requires least number of head movements from its current position regardless of the direction. SCAN is better than SSTF in the sense that it has a lot less overhead than SSTF since SSTF has to find out the closest request each time. There is a chance of starvation with SSTF that SCAN doesn't have since it will always be going back and forth on the disk. SCAN also only goes in one direction until it reaches the end of the disk while SSTF can end up slowing down with more frequent changes in head direction.
Identify and briefly describe a defense in depth strategy that grocery stores are likely to use.
Security in layers Locked doors Electronic tags that set off alarms Cameras Security guards
What is a semaphore?
Semaphores control the number of user transactions that can be run in parallel. It makes sure there aren't too many things running at once.
What is spooling and what does the SPOOL acronym mean?
Spooling - Way for operating systems to organize concurrent output by converting it into a separate secondary storage file ( spool ) that can't accept interleaved data streams. Essentially buffering. SPOOL - Simultaneous Peripheral Operation Online.
Briefly describe the striping process for a RAID system.
Striping distributes a block of data across multiple drives so if one drive fails, the others can continue to store the bulk of data. The striping process spreads bits of bytes across multiple drives. For example, if we had 8 drives, bit 1, 2, 3, 4, 5, 6, 7, and 8 of each byte would be put on drive 1, 2, 3, 4, 5, 6, 7, and 8, respectively.
What reference data must be calculated to conduct this resource analysis? Use the following table cells to find the needed reference data. Note that more cells are provided than required; use the table cells are needed to organize the data. allocation max p1: 1 5 4 2 6 5 p2: 2 5 6 5 7 10 p3: 2 6 8 4 10 11 Is the system safe or unsafe? Show and / or explain how the resources might be distributed to arrive at either a safe or an unsafe state.
The "needs resources" information needs to be calculated. P1: 1 1 1 P2: 3 2 4 P3: 2 4 3 The system is unsafe. P1 is able to have resources available (<1, 5, 4>) for what's needed (<1, 1, 1>). P3 is also able to have resources available (<2, 6, 8>) for what's needed (<2, 4, 3>). But P2 doesn't have the resources available (<2, 5, 6>) for what's needed (<3, 2, 4>) so it causes the system to be unsafe.
Explain how the book's test and set model works and why it must work as an atomic process
The model works by writing something to a memory location and return its old value as a single atomic operation. It must work as an atomic process so that if they are executed simultaneously (each on a different core) , they will be executed sequentially in some arbitrary order.
explain or show in code how a semaphore locking system might be used to protect a critical section
The semaphore works by initializing itself to the number of resources available. If something wants to use a resource then a wait happens. When a process releases a resource then it posts/signals it. When the count goes to 0 then all resources are being used. After that, processes that wish to use the resource will block until the count becomes greater than 0.
Briefly explain the dining philosophers problem and example
There are 5 philosophers sitting around a round table eating spaghetti and each of them has one chopstick between them. All 5 of them sit around the table and pick up the chopstick placed towards their right. But, here's the problem. To eat the spaghetti they need both the chopsticks and since everyone picked up the chopstick to their right, nobody gets the left chopstick and hence, nobody can eat. For example: there are three housekeepers that are in charge of each floor. However, there is only one set of cleaning supplies. So they have to share with everyone.
Explain whether you would use a risk assessment strategy or penetration testing to protect from a zero-day attack.
Use penetration testing because this strategy tries to find failures in the system. If a failure is found, the developer can fix it before the attack.
Briefly describe what VFS and NFS are, and explain how they might be used in a given computing system. Which one might be use on mobile device?
VFS - Protocol and interface that define how systems communicate network information. It can be used to bridge the differences in Windows, Mac and Unix file systems, so that applications can access files on local file systems of those types without having to know what type of file system they are accessing. NFS - onboard networking system. Related to specific systems on local devices; Can support VFS operations with other systems. VFS is used for mobile device.
Briefly identify one situation where random access might be superior to sequential access.
When you want to access a specific page within a book.
Briefly identify one situation where sequential access might be superior to random access.
When you want to read a book from the beginning.
the king is the only one who has the keys to the front gate of the castle. Identify the appropriate formal reason, and explain what might happen if the keys are give to the other.
applying the principle of least privilege. The king has the highest privilege to keep the key. if the key is given to someone malicious, they could break into the castle with the enemies
Define the concept of protection as it pertains to a computer.
controlling the access of processes and users to the resources defined by a computer system. Processes in an OS must be protected from one another's activities. Uses mechanisms to ensure that only processes that have gained proper authorization from the OS can operate on resources.
briefly describe the mirroring process for a RAID system
duplicate every drive. A logical disk consists of two physical drives, and every write is carried out on both drives. If one of the drives in the volume fails, the data can be read from the other.
Given a small business such as bakery, identify and briefly explain some part of the store where protection, but not security is implemented
fire alarm is installed to detect smoke and fire products are usually warped or displayed in glass cabinets to protect them from flies or dried up quicker locked doors are installed to protect from intruders
identify the policy that might have "stop at all signs", "obey speed limits", and "signal before changing lanes" as mechanism
follow the traffic laws when driving on the road
Briefly (two to three sentences) what makes the test and set lock (TSL) effective at protecting critical sections.
it reads the contents of a memory location, stores it in a register and then stores a non-zero value at the address. It ensures mutual exclusion and freedom from deadlock.
explain the difference between a policy and a mechanism and provide an example
policy: decide what will be done mechanism: how something will be done policies are the rules and mechanisms are the ones who decide how to enforce the rules
Explain the meaning of using as sandbox in computers and provide an example
the sand represents programs of any kind. In a sandbox, a program has no access to any part of the host system - no access to files beyond it's own program, no access to memory outside the sandbox Java Virtual Machine, or JVM, loads, verifies and executes Java bytecode.
