Protection Mechanisms Transcription

Welcome to our security capabilities of information systems essential protection mechanisms module. Well-designed operating systems will attempt to protect themselves from malicious code or poorly designed code using several mechanisms. Memory segmentation is one of these mechanisms. The operating system will isolate processes from each other, will create security domains, which processes will operate in, and also can use virtual machines to segment, or isolate, various applications and operating systems from each other.

Operating systems can also use layering and data hiding to provide different levels of access to resources, depending on how trustworthy the application is, and protection rings, which allow different applications to operate in different rings, where they have different levels of protection. Protection techniques are performed by elements of a trusted computing base, or TCB.

Operating systems will use virtual rings and place components in different rings depending on their trust level. The most trusted and most protected level is ring zero. This is where the operating system kernel resides. And the operating system will attempt to prevent anything else from running in this ring.

Ring one is where the operating system itself operates, and we will generally not see applications operating in ring one. Ring two is where operating system routines operate, such as file system drivers, and ring three is the first time where we see user applications running. We see that word processors, web browsers, and photo applications can be run in ring three.

The operating system attempts to protect itself from rogue software by prohibiting applications in ring three from having direct access to the system resources. The users are outside of ring three in what is known as ring four. You will notice there are actually five total rings, but since we start counting at zero with computers, ring zero is the innermost ring and ring four would be the outermost ring, even though there are a total of five.

For the CISSP examination you should remember that ring zero has the highest level of privilege and should be the most protected, and that we do not run applications in rings zero, one, or two. We also segment our users into different privilege levels or rings. Users in a higher trust level, such as administrators, are provided access to more system instructions and operate in a privileged mode.

We should make sure that controls or restrictions are placed on any programs or processes that require ring zero privileges because these processes can cause a lot of damage in our systems if we allow them to execute in ring zero and they are malicious. We can see here that the administrator is able to access a privileged mode, which allows him to operate in the lower, more controlled rings.

Whereas the user is not permitted to access the operating system instructions. They are required to run in user mode, and their applications cannot interfere with the system directly. We can use reference monitors to control the access that subjects would have to objects based on access control lists. When a user accesses an object, we log this activity, which creates an auditable trail that we can use to determine if someone was doing something inappropriate when an incident occurs.

A security kernel is the set of components in your system that enforce and implement the rules that were dictated by the reference monitor. We can see here that when a subject is attempting to access an object, they first must connect through the reference monitor, and the reference monitor has an access control list it uses to determine what privileges the user has to access that object, if any.

For example, we can see that John has full control, Bob has no access to the object whatsoever, and David can access the object, but he's only permitted to read the object; he is not permitted to make any changes to it. For the CISSP examination, you should remember that the reference monitor controls access using an access control list.

And the security kernel enforces those rules that the reference monitor set up. Reference monitors are access control systems that are located in operating systems, and also in network access control systems. Their job is to validate that a subject has rights to specific resources and protect those resources from any unauthorized access or any unauthorized or destructive modification.

An abstract machine is a service that mediates the access to any objects by subjects that attempt to access them. The service is designed to evaluate the subject's security clearance then compare it to the object's security label to determine if the subject should have access. This is implemented and enforced by the security kernel in order to protect objects from unauthorized access.

The reference monitor should make sure that objects are isolated from one another, and you should be able to test and verify the reference monitor to make sure that it is working properly, and that it prevents unauthorized access to any of your resources. This concludes our security capabilities of information systems module.

Thank you for watching.
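The access control list walked through above (John with full control, Bob with no access, David read-only), as an added illustration that is not part of the original lecture: a minimal reference monitor in Python that mediates each request, compares the subject's clearance to the object's label, and logs every decision. The object name, the clearance levels, and the subject Mallory are constructed for the example.

```python
from dataclasses import dataclass, field

# Constructed sample data mirroring the lecture's example: John has full
# control, Bob has no access, David may only read. The object name is made up.
FULL_CONTROL = frozenset({"read", "write", "delete"})
ACL = {
    "payroll.xlsx": {
        "John": FULL_CONTROL,
        "Bob": frozenset(),
        "David": frozenset({"read"}),
    }
}

# Hypothetical clearance ordering for the clearance-versus-label comparison.
LEVELS = {"public": 0, "confidential": 1, "secret": 2}
CLEARANCE = {"John": "secret", "Bob": "secret", "David": "confidential"}
LABELS = {"payroll.xlsx": "confidential"}


@dataclass
class ReferenceMonitor:
    acl: dict
    clearance: dict
    labels: dict
    audit_log: list = field(default_factory=list)

    def check(self, subject, obj, action):
        """Mediate one access request; every decision is logged."""
        allowed, reason = self._decide(subject, obj, action)
        verdict = "ALLOW" if allowed else "DENY"
        self.audit_log.append((subject, obj, action, verdict, reason))
        return allowed

    def _decide(self, subject, obj, action):
        # Default deny: unknown objects and unknown subjects never pass.
        if obj not in self.acl or obj not in self.labels:
            return False, "unknown object"
        level = LEVELS.get(self.clearance.get(subject, ""), -1)
        if level < LEVELS[self.labels[obj]]:
            return False, "clearance below label"
        if action not in self.acl[obj].get(subject, frozenset()):
            return False, "not in ACL"
        return True, "ACL grant"


def demo():
    rm = ReferenceMonitor(ACL, CLEARANCE, LABELS)
    requests = [("John", "write"), ("Bob", "read"), ("David", "read"),
                ("David", "write"), ("Mallory", "read")]
    return [rm.check(s, "payroll.xlsx", a) for s, a in requests], rm.audit_log
```

Denied requests are logged alongside allowed ones, so the audit trail shows attempted access as well as successful access.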
