Test Your Security Architecture Knowledge

Questions and Answers

What is security architecture?

The design of software applications

The physical design of a computer system

The logical design of a computer system with a focus on security components (correct)

The design of network infrastructure

What is security architecture?

The physical hardware of a computer system

The process of securing a building or physical location

The logical hardware, operating system, and software security components and how to implement them (correct)

The design of a computer's user interface

What is the purpose of layering in security architecture?

To simplify the system

To combine processes and resources

To add complexity to the system

To separate processes and resources (correct)

What is layering in security architecture?

The separation of a complex task into multiple sub-tasks

What is the ring model?

A type of CPU hardware layering that separates and protects domains

What is abstraction in security architecture?

The hiding of unnecessary details from the user

What is a security domain?

The list of objects a subject is allowed to access

What is a security domain?

The list of objects a subject is allowed to access

What is the Ring Model?

A form of CPU hardware layering

What is a Trusted Computing Base (TCB)?

The totality of protection mechanisms within a computer system responsible for enforcing a security policy

What is the Reference Monitor?

An abstract machine that mediates all access subjects have to objects

What is the difference between an open and closed system?

An open system uses open hardware and standards using standard components from a variety of vendors, while a closed system uses proprietary hardware or software

What is the Trusted Computing Base (TCB)?

The totality of protection mechanisms within a computer system responsible for enforcing a security policy

What is the Security Kernel?

A software component that enforces the Reference Monitor concept

What is the purpose of the CPU in a computer system?

To execute instructions and perform calculations

What are the three fundamental principles that the Reference Monitor and the Security Kernel must satisfy?

Completeness, isolation, verification

What is a virtual machine?

A software program that simulates a computer system

What is the Security Perimeter?

The imaginary boundary that divides the trusted from the untrusted

What is a trusted operating system?

An operating system that has a high degree of assurance that its security features have been implemented correctly

What is the IOS kernel responsible for?

Managing hardware resources

What is the difference between the original IOS and the new IOS?

The original IOS used a microkernel design, while the new IOS is based on a monolithic kernel design

What is the purpose of the Security Perimeter?

To divide the trusted from the untrusted

What is the SCOMP system?

An operating system with a specialized kernel

What is IOS?

A hardware-based operating system

Study Notes

Security Architecture and Models

• Security architecture and design entails the logical hardware, operating system, and software security components and how to implement them to architect, build, and evaluate the security of computer systems.

• Security architecture provides a view of the overall system architecture from a security point of view and how the system is put together to satisfy the security requirements.

• Layering separates processes and resources, adds modularity to the system, and is the separation of a complex task into multiple sub-tasks.

• The operating system is divided into a number of layers, and each layer is built on top of lower layers.

• Abstraction hides unnecessary details from the user, which adds to more security.

• A security domain is the list of objects a subject is allowed to access, and domains are groups of subjects and objects with similar security requirements.

• An OS should be able to enforce the security principals (CIA), and the proper design and building of a system is called "Security System Architecture."

• The ring model is a form of CPU hardware layering that separates and protects domains such as kernel mode and user mode from each other.

• An open system uses open hardware and standards using standard components from a variety of vendors, while a closed system uses proprietary hardware or software.

• Secure Hardware Architecture focuses on the physical computer hardware required to have a secure system.

• The central processing unit (CPU) is a microprocessor that contains a control unit (CU), an arithmetic logic unit (ALU), and registers, which are holding places for data and instructions.

• The operating system creates a virtual environment (virtual machine) for the application to work in and allots it a segment of virtual memory.Summary of "Secure Operating System and Software Architecture"

• There are four different operating states in which processes can work within.

• Secure OS and software architecture build upon the secure hardware providing a secure interface between hardware and applications.

• Operating systems provide memory, resource, and process management.

• An ordinary OS addresses several functions that involve computer security, including authentication of users and protection of memory.

• A trusted OS provides a set of security features together with an appropriate degree of assurance that the features have been assembled and implemented correctly.

• Security must be considered in every aspect of the trusted OS design.

• Trusted Computing Base (TCB) is the totality of protection mechanisms within a computer system responsible for enforcing a security policy.

• The Reference Monitor and the Security Kernel must satisfy three fundamental principles: completeness, isolation, and verifiability.

• Security Perimeter is the imaginary boundary that divides the trusted from the untrusted.

• Trusted functions may be privileged to modify kernel databases and bypass certain requirements of the security policy.

• The Reference Monitor is an abstract machine that mediates all access subjects have to objects.

• The Security Kernel implements the concept of reference monitor and enforces the reference monitor concept.Overview of IOS Kernel and Operating System

• IOS stands for Internetwork Operating System

• RMC refers to Remote Monitoring and Control

• IOS is a hardware-based operating system

• The IOS kernel is responsible for managing hardware resources

• The original IOS was based on a monolithic kernel design

• The new IOS uses a microkernel design

• IOS interfaces include ISOS and RMC interfaces

• The kernel implementation strategies vary based on the case

• The SCOMP system is an example of a kernelized system with a specialized operating system

• The SCOMP system uses a simple operating system on top of the kernel

• The simple operating system provides more user-friendly features

• The SCOMP system is a case of a new operating system implementation.

Description

Test your knowledge on Security Architecture and Models with this informative quiz. Learn about the different components of security architecture, layering, abstraction, security domains, and more. Explore the basics of secure hardware architecture and operating system design, including the trusted OS, reference monitor, security kernel, and security perimeter. Additionally, get an overview of the IOS kernel and operating system, including the different kernel implementation strategies and examples of new operating system implementations. Challenge yourself and see how much you know about this crucial aspect of