Final Exam Opera�ng Systems

1. Here are the suggested setups for each scenario outlined:

1. Establishing Computer Connectivity for Data Exchange:
Suggestion: Implementing a peer-to-peer network or a compact
local area network (LAN).
Explanation: A straightforward network arrangement connecting
the manager's and assistant's computers would facilitate direct
communication and information sharing.

2. Utilizing Physical Data Centers for Daily Operations:

Recommendation: Employing an enterprise-level data center
equipped with a robust network infrastructure.
Explanation: Employing a physical data center with dedicated
servers, storage, and networking components is apt for
managing diverse data assets and supporting day-to-day
operations.

3. Interlinking Various Buildings for Resource Collaboration:

Recommendation: Establishing a Wide Area Network (WAN)
linking all buildings, potentially with a server in each building for
localized resource accessibility.
Explanation: A WAN configuration enables the connection of
distinct buildings. Local servers can manage resources like
printers and high-speed servers, while central servers can
facilitate company-wide computations.
 4. Implementing a Database System for Employee Data Queries:
Suggestion: Opting for a client-server database structure,
potentially incorporating a web-based interface.
Explanation: Introducing a centralized database server
accessible to employees through a client-server model or a web
interface will streamline data retrieval and administration.

5. Constructing a Robot for Swift Environmental Response:

Recommendation: Employing a Real-time Operating System
(RTOS) alongside a specialized control network.
Explanation: For a robot necessitating rapid responses to
environmental changes (less than 0.03 ms), deploying an RTOS
and a tailored control network becomes imperative to guarantee
minimal latency and precise control.

Question 2.

1. b) a small part of a process that can be executed in operating

systems

2. a) Text section, b) A heap, g) Stack

3. a) To maximize CPU utilization

4. a) selects which process should be executed next and

allocates CPU,
b) Short-term scheduler is invoked frequently,
f) selects which processes should be brought into the ready
queue
g) Should be fast

5. a) True

6. b) solution to the starvation problem

7. a) True

8. b) 23.3

9. b) 6.6

10. b) Solution for critical section problem using locking idea

11. a) Mutual Exclusion

e) Progress
g) Bounded Waiting

12. a) Mutex Locks

b) Semaphore
e) Monitors
f) Multiple instances of a resource type
g) Monitors with Condition Variables
 13. a) Each process must a priori claim maximum use
b) When a process requests a resource, it may have to wait until
get them all together.
c) If there is a cycle, that is mean we detect a deadlock
d) When a process gets all its resources it must return them in a
finite amount of time

14. d) 1 and 2

15. a) Selecting a victim: select the process that has the lowest
cost
b) Rollback: return to some safe state
d) Starvation: same process may always be picked as victim
when using cost factor to
select a victim

16. a) True

17. a) Hold and Wait – must guarantee that whenever a process

requests a resource, it does not hold any other resources
c) Mutual Exclusion: most hold for non-sharable resources
d) No Pre-emption: If a process that is holding some resources
requests another resource
that cannot be immediately allocated to it, then all resources currently
being held are
released
 18. a) Reducing the process size to fit in the free space

19. b) Dynamic linking

e) Virtual Memory

20. a) Some pages will be in memory, and some will be in

secondary storage.
b) Hardware is needed to support distinguishing between the
available and unavailable pages.

21. b) The disk arm starts at one end of the disk, and moves
toward the other end, servicing requests until it gets to the other end
of the disk, where the head movement is reversed, and servicing
continues.

22. b) When DRAM is not large enough for all processes

23. a) I will update my OS always to get the up-to-date security

features
b) I don't connect my computer to a public network, hackers
always find a way to hurt or steal information.
d) I will configure my OS to get a high level of security and
disable all unused services
e) use antivirus software.
f) I must educate myself to increase my defense level
 24. b) Intercepts and can modify transactions between two peers
in networks

25. b) I will not click on the link because viruses can copy
themselves to my computer. To be sure the email is not real, I can call
my partner to see if she/he sent this email or not.

26. b) False

3.
FCFS SCAN C-SCAN
Scheduling Scheduling Scheduling
Description First-Come-First- SCAN (Elevator) C-SCAN
Serve scheduling scheduling scheduling
algorithm. algorithm. Disk arm algorithm. Like
Requests are starts at one end SCAN but restricts
serviced in the and moves towards the arm movement
order they arrive. the other end, to one direction,
servicing requests servicing requests
along the way. until the end, then
moving to the other
end.
Movement Unidirectional Bidirectional Bidirectional
Head In one direction Alternates Alternates
directions directions
Movement
Handling In order of arrival Prioritizes servicing Strictly services
requests in the requests in the
Requests
direction of arm direction of arm
movement movement, avoids
servicing in the
opposite direction
Efficiency May lead to high Reduces seek time Reduces seek time,
seek time, potential by servicing especially
for the "convoy requests in a more beneficial for
effect." efficient order. systems with high
request rates.
Starvation No starvation but Less likely to result Less likely to result
may lead to the in starvation due to in starvation due to
"convoy effect." the back-and-forth the controlled
movement of the unidirectional
arm. movement.

4.

1) Security Levels and Defense Enhancement

1. Threat Assessment
Defense Enhancement: Conduct regular threat assessments to
identify potential risks and vulnerabilities. Implement security
measures based on the identified threats to mitigate risks.

2. Vulnerability Assessment
Defense Enhancement: Perform vulnerability assessments to identify
weaknesses in systems, networks, and applications. Address the
identified vulnerabilities through patch management, secure
configurations, and regular security updates.

3. Risk Mitigation
Defense Enhancement: Develop and implement cybersecurity risk
mitigation strategies, such as continuous monitoring, security policy
enforcement, and the use of security solutions like firewalls and
antivirus software.
4. Secure IT Environment
Defense Enhancement: Establish and enforce robust security policies
and procedures, implement gateway and endpoint security measures,
and manage identity and access controls to create a secure IT
environment.

5. Vulnerability Management
Defense Enhancement: Leverage vulnerability management tools and
practices to identify, prioritize, and remediate security vulnerabilities.
Use threat intelligence and risk-based prioritization to address the
most critical vulnerabilities.

2) The access matrix is a security model used to represent

and control the access rights or permissions that subjects
(users or processes) have on objects (resources) in a
computer system. It provides a way to define and manage
the relationships between subjects and objects, specifying
which subjects can access or perform specific operations
on which objects.
There are two primary methods to implement the access matrix:
a) Lists:
Description: In the list-based implementation, each row of the access
matrix corresponds to a subject, and each column corresponds to an
object. The entries in the matrix indicate the access rights or
permissions that a subject has on an object.
Implementation: The lists method involves maintaining a list for each
subject and each object. Each list contains information about the
access rights of the subject on different objects or the permissions
granted to different subjects for a particular object.
Advantages: Simple to understand and implement, especially for a
small number of subjects and objects.
Challenges: It can be inefficient when the number of subjects or
objects is large.

b) Capabilities:
Description: In the capability-based implementation, each subject is
assigned a list of capabilities or tokens that represent its permissions
on various objects. These capabilities serve as tickets or keys that
grant specific access rights.
Implementation: Subjects are given unique tokens that authorize
specific operations on objects. The access matrix is not explicitly
stored; instead, access decisions are based on possession of valid
capabilities.
Advantages: Provides a more efficient and scalable approach,
especially as the number of subjects or objects increases. Can
simplify revocation of access by revoking specific capabilities.
Challenges: Requires secure management of capabilities to prevent
unauthorized access if a capability is intercepted.
Both methods have their advantages and trade-offs, and the choice
between them depends on factors such as the size of the system, the
complexity of access control requirements, and the desired level of
security. The access matrix is a flexible model that allows for various
implementations based on the specific needs of the system.