MADANAPALLE INSTITUTE OF TECHNOLOGY & SCIENCE, MADANAPALLE

(UGC-AUTONOMOUS)
Department of Computer Science & Technology
Course Name: Operating Systems Fundamentals for Security
Course Code: 20CSC107
UNIT 1

1. Explain about the components of operating system in detail.

2. Elaborate on System Calls with neat diagram.

3. Explain in detail about Inter-process communication

4. Consider the following five processes, with the length of the CPU burst time given in
milliseconds. Process Burst time P1 8, P2 6, P3 1, P4 9, P5 3 .Consider the First come First serve
(FCFS), Non Preemptive Shortest Job First (SJF) Illustrate the scheduling using Gantt chart.
Which algorithm will give the minimum average waiting time, throughput and turnaround time ?
Discuss.

5. Define operating system and list out the function and component of operating system.

6. Consider the following five processes, with the length of the CPU burst time given in
milliseconds. Process Burst time P1 10, P2 29, P3 3, P4 7, P5 12 .Consider the First come First
serve (FCFS), Round Robin(RR) (quantum=10ms) scheduling algorithms. Illustrate the
scheduling using Gantt chart. Which algorithm will give the minimum average waiting time?
Discuss.

7. Explain about various operating system operations.

8. Discuss in brief about Inter-process communication

9. Write short note (i)Process Management (ii) Memory Management (iii) Security and
Protection.

10. Elaborate about IPC with suitable example.

UNIT – II

1. What is the important feature of critical section? State the dining philosopher’s problem and
show how to allocate the several resources among several processes in a deadlock and starvation
free manner

2. Elaborate about the deadlock prevention mechanism in detail.

3. Discuss any two classic problems of synchronization

4. Explain the various deadlock handling mechanism in detail.

5. Explain the use of Deadlock Avoidance Algorithm with suitable illustration.

6. Discuss any two classic problems of synchronization

7. Explain about semaphores in detail.

8. Explain the list of condition that led to deadlock.

9. Explain about semaphores in detail.

10. Explain in detail Banker algorithm with suitable example.

UNIT III

1. Explain different page replacement algorithms in detail.

2. Illustrate the functions of file and file implementation.

3. Define paging and discuss the steps in handling a page fault?

4. Disk head is start at 53.. The queue of pending request is, 98,183, 37,122,14,124,65,67. -
FCFS , SSTF,SCAN,C-SCAN, LOOK

5. Differentiate between Paging and Segmentation.

6. Explain in detail about different disk scheduling algorithms?

7. Explain different page replacement algorithms in detail.

8. What is thrashing and explain the methods to avoid thrash in detail.

9. Consider the following page reference string: 1, 2, 3, 4, 2, 1, 5, 6, 2, 1, 2, 3, 7, 6, 3, 2, 1, 2, 3,

6. Identify the no.of page faults would occur for the following replacement algorithms, assuming
one, two, three, four, five, six, or seven frames? Remember all frames are initially empty, so
your first unique pages will all cost one fault each. a.LRU replacement b. FIFO replacement
c.Optimal replacement.

10. When page faults will occur? Describe the actions taken by operating system during page
fault in detail.

UNIT – IV

1. Discuss in detail about Mandatory Protection Systems with neat architecture.

2. Explain different trust models in detail.

3. Explain in detail about Access control fundamentals.

4. Write a short on various threat models present in operating systems.

5. Discuss verifiable security goals in detail.

6. Write short on (i) STRIDE threat model (ii) Octave threat model.

7. Define threat. Explain the significance of creating threat model in system design.

8. Write short note on (i)Bell la padula Model (ii) Biba Integrity Model

9. Discuss in detail about Reference monitor architecture in detail.

10. Explain briefly about threats and different threat models in detail.

UNIT – V:

1. Explain kernel security in detail.

2. Write a short note on a) Various attacks on Mobile Systems b) security issues of Pervasive
Computing

3. Compare and contrast on security features of Linux and Windows OS.

4. Explain various security issues and attacks present in Pervasive Computing, wireless network
systems.

5. Explain windows OS security features in detail.

6. Explain in detail about OS security goals.

7. Explain the security features of Linux and Windows OS in detail.

8. Discuss the security issues and attacks on different types of operating systems.

9. Discuss in detail about Windows security architecture

10. Define Fault tolerance. Explain different fault tolerant issues in detail.

1 MARK:

UNIT 1

1. Define System Programs.

System software is software designed to provide a platform for other software. Examples of
system software include operating systems (OS) like macOS, Linux, Android and Microsoft
Windows, computational science software, game engines, search engines, industrial automation,
and software as a service applications.
2. Mention the list of services provided by an Operating System?
Program execution
I/O Operation
File-System manipulation
Communications
Error detection
3. What are the operations performed on process.

1. Process creation
2. Process scheduling or dispatching
3. Blocking
4. Preemption
5. Termination

4. Differentiate between long term and short term scheduler.

S.NO LONG TERM SCHEDULER SHORT TERM SCHEDULER

1 Long-Term Scheduler takes the Short-Term Scheduler takes the process

process from job pool. from ready queue.

2 Long-Term Scheduler is also Short-Term Scheduler is also known

known as Job Scheduler. as CPU Scheduler.

3 Long-Term Scheduler control Short-Term Schedule control Multitasking

Multi-Programming

5. What is meant by context switch?

Switching the CPU to another process requires saving the state of the old process and loading the
saved state for the new process. This task is known as context switch.

6. What are the benefits of multithreaded programming?

The benefits of multithreaded programming can be broken down into four major categories:
• Responsiveness
• Resource sharing
• Economy
• Utilization of multiprocessor architectures

7. State the role of program counter block.

Each process is represented in the operating system by a process control block (PCB) – also
called as task control block. The PCB simply serves as the repository for any information that
may vary from process to process.
8. What are the different CPU scheduling Criteria?

The various scheduling criteria are,

• CPU utilization
• Throughput
• Turnaround time
• Waiting time
• Response time

9. List the four major components of computer system.

Application Program
System Program
Operating System
Computer Hardware

10. What are the different types of scheduling queues?

Device Queue: The list of processes waiting for particular I/O device is called a device queue.
Job Queue: As process enters the system they are put into job queue.
Ready Queue: The processes that are residing in the main memory and are ready and waiting to
execute are kept in the queue.

UNIT –II

1. What do you meant by semaphore?

A semaphore 'S' is a synchronization tool which is an integer value that, apart from initialization,
is accessed only through two standard atomic operations; wait and signal .Semaphores can be
used to deal with the n-process critical section problem. It can be also used to solve various
Synchronization problems.

2. What is the sequence of operation by which a process utilizes a resource?

Under the normal mode of operation, a process may utilize a resource in only the following
sequence:
Request: If the request cannot be granted immediately, then the requesting process must wait
until it can acquire the response.
Use: The process can operate on the resource.
Release: The process releases the resource

3. What are the requirements that a solution to the critical section problem must satisfy?
The three requirements are
• Mutual exclusion
• Progress
• Bounded waiting

4. What are the conditions under which a deadlock situation may arise?

A deadlock situation can arise if the following four conditions hold simultaneously in a system:
• Mutual exclusion
• Hold and wait
• No pre-emption
• Circular wait

5. What is a semaphore?

A semaphore 'S' is a synchronization tool which is an integer value that, apart from initialization,
is accessed only through two standard atomic operations; wait and signal .Semaphores can be
used to deal with the n-process critical section problem. It can be also used to solve various
Synchronization problems.

6. Define Deadlock

A process requests resources; if the resources are not available at that time, the process enters a
wait state. Waiting processes may never again change state, because the resources they have
requested are held by other waiting processes. This situation is called a deadlock.

7. What do you meant by multithread?

Multi threading is a widespread programming and execution model that allows multiple threads
to exist within the context of one process. These threads share the process's resources, but are
able to execute independently.

8. What is meant by Resource Allocator Graph?

Deadlocks can be described more precisely in terms of a directed graph called a system resource
allocation graph. This graph consists of a set of vertices V and a set of edges E. The set of
vertices V is partitioned into two different types of nodes; P the set consisting of all active
processes in the system and R the set consisting of all resource types in the system.

9. Define race condition.

When several process access and manipulate same data concurrently, then the outcome of the
execution depends on particular order in which the access takes place is called race condition. To
avoid race condition, only one process at a time can manipulate the shared variable.

10. Give the condition necessary for a deadlock situation to arise?

A deadlock situation can arise if the following 4 condition hold simultaneously in a system.
Mutual Exclusion
Hold and Wait
No preemption
Circular Wait

UNIT III

1. Define Swapping?

A process needs to be in memory to be executed. However a process can be swapped temporarily

out of memory to a backing store and then brought back into memory for continued execution.
This process is called swapping.

2. What is Compaction?

Compaction is a process in which the free space is collected in a large memory chunk to make
some space available for processes. In memory management, swapping Creatings multiple
fragments in the memory because of the processes moving in and out. Compaction refers to
combining all the empty spaces together and processes.
3. Define demand paging in memory management.

In virtual memory systems, demand paging is a type of swapping in which pages of data are not
copied from disk to RAM until they are needed.

4. Determine the most common schemes for defining the logical structure of a directory?

The most common schemes for defining the logical structure of a directory
Single-Level Directory
Two-level Directory
Tree-Structured Directories
Acyclic-Graph Directories
General Graph Directory

5. What are the common strategies to select a free hole from a set of available holes?

The most common strategies are,

• First fit
• Worst fit
• Best fit
6. How the problem of external fragmentation can be solved.

Solution to external fragmentation :

1) Compaction : shuffling the fragmented memory into one contiguous location.
2) Virtual memory addressing by using paging and segmentation.

7. Define page fault.

Page Fault A page fault occurs when a program attempts to access a block of memory that is not
stored in the physical memory, or RAM. The fault notifies the operating system that it must
locate the data in virtual memory, then transfer it from the storage device, such as an HDD or
SSD, to the system RAM.

8. Mention the advantages of segmentation method.

 Segmentation is closer to the programmer’s view of physical memories.

 Segmentation is a way to prevent internal fragmentation.
 Segmentation reduces CPU overhead because it contains an entire module at once.

9. What is Belady’s Anomaly?

For some page replacement algorithms, the page fault rate may increase as the number of
allocated frames increases

10. What are the various Disk-Scheduling Algorithms?

The various disk-scheduling algorithms are

• First Come First Served Scheduling
• Shortest Seek Time First Scheduling
• SCAN Scheduling
• C-SCAN Scheduling
 LOOK scheduling

UNIT IV

1. List out the different types of security goals present in OS.

Authentication
 Authorization
 Confidentiality
 Data / Message Integrity
 Accountability
 Availability
 Non-Repudiation
2. What are the merits of Biba Integrity model?

It is simple and easy to implement.

This model provide no of different policies that can selected based on need.

3. Define OS security.

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality
and availability. OS security refers to specified steps or measures used to protect the OS from
threats, viruses, worms, malware or remote hacker intrusions.

4. List out some the information flow models for both confidentiality and integrity.

Bella lapadula Model

Biba Integrity Model.

5. What do you meant by protection domain?

A protection domain specifies the set of resources (objects) that a process can access
and the operations that the process may use to access such resources.

6. What are the different methods are used to create to threat model?

• an abstraction of the system

• profiles of potential attackers, including their goals and methods

• a catalog of potential threats that may arise

7. What do you meant by DAC systems?

8. Mention some of the key characteristics of Trusted systems.

9. Define MAC systems.

10. What is the use of Reference Monitor?

A reference monitor is the classical access enforcement mechanism It takes a request as input,
and returns a binary response indicating whether the request is authorized by the reference
monitor’s access control policy.

UNIT V

1. What do you meant by Fault Tolerance?

Fault tolerance is a process that enables an operating system to respond to a failure in hardware
or software. This fault-tolerance definition refers to the system’s ability to continue operating
despite failures or malfunctions.

2. Mention the steps for performing the Vulnerability Hypothesis Methodology.

1. Information gathering
• Become familiar with system’s functioning
2. Flaw hypothesis
• Draw on knowledge to hypothesize vulnerabilities
3. Flaw testing
• Test them out
4. Flaw generalization
• Generalize vulnerability to find others like it
 5. (maybe) Flaw elimination
• Testers eliminate the flaw (usually not included)
3. What are the different OS issues related to internet?

Hacker
Malware
Computer virus
Trojan horse
Worm
Phishing
Spyware

4. What do you meant by trusted OS?

An operating system in which there exists a level of confidence (based on rigorous analysis and
testing) that the security principals and mechanisms (e.g., separation, isolation, least privilege,
discretionary and non-discretionary access control, trusted path, authentication, and security
policy enforcement) are correctly implemented and operate as intended even in the presence of
adversarial activity.

5. What are the different kinds of intruders?

Intruders are the attackers who attempt to breach the security of a network. They attack the
network in order to get unauthorized access. Intruders are of three types,
namely, masquerader, misfeasor and clandestine user.

6. What is virus and worms?

The Virus attaches itself to executable files and transfers from one system to the other.

A Worm is a malicious program that replicates itself and can spread to different computers via
Network.

7. What are the merits and mertis of linux operating systems.

Merits:

It is less susceptible to malware, viruses, and other potential damages 

It is very easy to install

It works virtually on any modern era computer

Demerits:
Invalid proprietary apps to Apple or Microsoft

No user guide

Inability to run a server-side program

8. List out different types of systems threats?

Malware

Denial of Service

 Emotet 

 Phishing

Man in the middle

 Passwords attacks

 Phishing

SQL Injection

9. What are cons and pros of windows OS.

The advantages of Windows Operating System are as follows −

 Windows supports a large amount of application programs, specially graphics related
software (like games, adobe, etc).
 Windows has much advancement which makes it user friendly.
 Windows has an excellent GUI, most of the popularity of the windows is just because of
its GUI.
The disadvantages of Windows Operating System are as follows −
 Windows is more prone to viruses and other attacks.
 When it comes to GUI, one does not have total control over the hardware system.
 It is proprietary software and hence tends to be more expensive as compared to other
Operating systems.

10. Define Kerberos Network Authentication.

Kerberos authentication is a network protocol that secures user access to services/applications by

using secret-key cryptography across client-server communications. The Kerberos network
authentication protocol helps prevent hackers from intercepting passwords over unsecured
networks.