DEPARTMENT OF CSE (CYBER SECURITY)

CB3402 – OPEATING SYSTEMS AND SECURITY

QUESTION BANK
R-2021

Prepared by
Page 1
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 DEPARTMENT OF CSE (CYBER SECURITY)

III YEAR / VI SEMESTER

REGULATION 2021

CB3402 – OPEATING SYSTEMS AND SECURITY

Faculty In Charge Head of the Department

A . Apoorvavalli, B.E., M.E., Dr. M. P. Revathi, M.E., Ph.D.,

Assistant Professor Professor
Department of CSE (CYBER SECURITY) Department of CSE (CYBER SECURITY)

Prepared by
Page 2
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 INSTITUTE VISION & MISSION

VISION:

To become a globally recognized “Centre of Academic Excellence” providing

Quality Education to all students.

MISSION:

To provide Quality Education in the fields of Engineering, Management,

Information, Technology and other Engineering areas.

DEPARTMENT VISION & MISSION

VISION:

To develop eminent engineers, researchers and entrepreneurs in the areas of

Computer Science & Engineering and Cyber Security with exceptional technical
expertise, skills and ethical values, capable of providing innovative solutions to
national and global needs.

MISSION:

M1 To create a study environment where all academicians, entrepreneurs,

researchers are brought together
M2 To create perpetual learning environment for students and faculty
members establish research centre and conduct researches in
emerging areas.
M3 To create a platform for socially relevant technical and domain
researches through funded projects.

Prepared by
Page 3
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PROGRAM EDUCATIONAL OBJECTIVES (PEOs)

Apply their technical competence in computer science to solve real world

PEO1
problems, with technical and people leadership.
Conduct cutting edge research and develop solutions on problems of social
PEO2
relevance.
Work in a business environment, exhibiting team skills, work ethics,
PEO3
adaptability and lifelong learning.

PROGRAM OUTCOMES (POs):

Engineering knowledge: Apply the knowledge of mathematics, science,

PO1 engineering fundamentals, and an engineering specialization to the solution
of complex engineering problems.
Problem analysis: Identify, formulate, review research literature, and
PO2 analyze complex engineering problems reaching substantiated conclusions
using first principles of mathematics, natural sciences, and engineering
sciences.
Design/development of solutions: Design solutions for complex engineering
PO3 problems and design system components or processes that meet the specified
needs with appropriate consideration for the public health and safety, and the
cultural, societal, and environmental considerations.
Conduct investigations of complex problems: Use research-based
PO4 knowledge and research methods including design of experiments, analysis and
interpretation of data, and synthesis of the information to provide valid
conclusions.
Modern tool usage: Create, select, and apply appropriate techniques,
PO5 resources, and modern engineering and IT tools including prediction and
modeling to complex engineering activities with an understanding of the
limitations.
The engineer and society: Apply reasoning informed by the contextual
PO6 knowledge to assess societal, health, safety, legal and cultural issues and the
consequent responsibilities relevant to the professional engineering practice.
Environment and sustainability: Understand the impact of the professional
PO7 engineering solutions in societal and environmental contexts, and demonstrate
the knowledge of, and need for sustainable development.

Prepared by
Page 4
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 Ethics: Apply ethical principles and commit to professional ethics and
PO8
responsibilities and norms of the engineering practice.
Individual and team work: Function effectively as an individual, and as a
PO9
member or leader in diverse teams, and in multidisciplinary settings.
Communication: Communicate effectively on complex engineering activities
PO10 with the engineering community and with society at large, such as, being able
to comprehend and write effective reports and design documentation, make
effective presentations, and give and receive clear instructions.
Project management and finance: Demonstrate knowledge and
PO11 understanding of the engineering and management principles and apply these
to one’s own work, as a member and leader in a team, to manage projects and
in multidisciplinary environments.
Life-long learning: Recognize the need for, and have the preparation and
PO12 ability to engage in independent and life-long learning in the broadest context
of technological change.

PROGRAM SPECIFIC OUTCOMES (PSOs):

Exhibit design and programming skills to build and automate business

PSO1
solutions using cutting edge technologies.
Strong theoretical foundation leading to excellence and excitement towards
PSO2
research, to provide elegant solutions to complex problems.

Prepared by
Page 5
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
CB3402 OPERATING SYSTEMS AND SECURITY L T P C
3 0 2 4
COURSE OBJECTIVES:
• To understand the basic concepts of Operating Systems.
• To explore the process management concepts including scheduling, synchronization,
threads and deadlock.
• To understand the memory, file and I/O management activities of OS.
• To understand the requirements of a trust model.
• To learn how security is implemented in various operating systems.

UNIT – I OPERATING SYSTEM OVERVIEW 9

Computer-System Organization – Architecture – Operating-System Operations – Resource Management
– Security and Protection – Distributed Systems – Kernel Data Structures – Operating-System Services –
System Calls – System Services – Why Applications Are Operating System Specific – Operating-System
Design and Implementation - Operating-System Structure – Building and Booting an Operating System.

UNIT – II PROCESS MANAGEMENT 9

Process Concept – Process Scheduling – Operation on Processes, Inter-process Communication – Threads
– Overview – Multithreading models – Threading issues; CPU Scheduling – Scheduling criteria,
Scheduling algorithms; Process Synchronization – critical-section problem, Synchronization hardware,
Mutex locks, Semaphores, Critical regions, Monitors; Deadlock – System model, Deadlock
characterization, Methods for handling deadlocks, Deadlock prevention, Deadlock avoidance, Detection,
Recovery.

UNIT – III MEMORY MANAGEMENT AND FILE SYSTEMS 9

Main Memory – Background, Swapping, Contiguous Memory Allocation, Paging, Segmentation – Virtual
Memory – Demand Paging, Page Replacement, Allocation, Thrashing; Allocating Kernel Memory. Mass
Storage system - HDD Scheduling - File concept, Access methods, Directory Structure, Sharing and
Protection; File System Structure, Directory implementation, Allocation Methods, Free Space
Management.

UNIT – IV SECURE SYSTEMS AND VERIFIABLE SECURITY GOALS 9

Security Goals – Trust and Threat Model – Access Control Fundamentals – Protection System – Reference
Monitor – Secure Operating System Definition – Assessment Criteria – Information Flow – Information
Flow Secrecy Models – Denning’s Lattice Model – Bell LaPadula Model – Information Flow Integrity
Models – Biba Integrity Model – Low-Water Mark Integrity – Clark Wilson Integrity.

Prepared by
Page 6
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
UNIT – V SECURITY IN OPERATING SYSTEMS 9
UNIX Security – UNIX Protection System – UNIX Authorization – UNIX Security Analysis – UNIX
Vulnerabilities – Windows Security – Windows Protection System – Windows Authorization – Windows
Security Analysis – Windows Vulnerabilities – Address Space Layout Randomizations – Retrofitting
Security into a Commercial Operating System – Introduction to Security Kernels.

TOTAL: 45 PERIODS
COURSE OUTCOMES
On completion of this course, the students expected to be able to:
CO1 To gain understanding on the concepts of Operating Systems.
To acquire knowledge on process management concepts including scheduling,
CO2
synchronization, threads and deadlock.
CO3 To have understanding on memory, file and I/O management activities of OS.
To understand security issues in operating systems and appreciate the need for
CO4
security models
To gain exposure to the operating systems security models of WINDOWS and
CO5
UNIX OS

CO’s – PO’s & PSO’s MAPPING

CO’ PO’S PSO’S

S 1 2 3 4 5 6 7 8 9 10 11 12 1 2

1 1 3 1 3 2 - - - 1 1 3 1 2 3

2 3 2 2 1 2 - - - 1 2 2 3 3 2

3 3 2 1 3 1 - - - 2 2 1 3 3 3

4 1 1 2 3 3 - - - 3 3 1 1 3 2

5 1 3 2 3 1 - - - 2 1 3 3 1 1

AVG 1.8 2.2 1.6 2.6 1.8 - - - 1.8 1.8 2 2.2 2.4 2.2

1 – Low: 2 – Medium: 3 – High: ‘-' - No correlation

Prepared by
Page 7
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
TEXT BOOKS
1. Abraham Silberschatz, Peter Baer Galvin and Greg Gagne, “Operating System Concepts”, John Wiley
& Sons, Inc., 10th Edition, 2021.
2. Trent Jaeger, Operating System Security, Morgan & Claypool Publishers series, 2008.

REFERENCE BOOKS
1. Morrie Gasser, “Building A Secure Computer System”, Van Nostrand Reinhold, New York, 1988.
2. Charles Pfleeger, Shari Pfleeger, Jonathan Margulies, "Security in Computing", Fifth Edition, Prentice
Hall, New Delhi, 2015.
3. William Stallings, “Operating Systems – Internals and Design Principles”, 9th Edition, Pearson, 2017.
4. Michael Palmer, “Guide to Operating Systems Security”, Course Technology – Cengage Learning, New
Delhi, 2008.
5. Introduction to Hardware, Security and Trust, book by Mohammad Tehranipoor, Cliff Wang, Springer,
2012.
6. Gary McGraw, Software Security: Building Security In, Addison Wesley software security series, 2005.
7. Gerardus Blokdyk, Security Focused Operating System A Complete Guide - 2020 Edition,
5STARCooks, ISBN: 9781867373353, 2020.

Prepared by
Page 8
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 UNIT– I
OPERATING SYSTEM OVERVIEW

PART–A
CO
Q. No Questions BT Level Complexity
Mapping
1 What is an operating system? CO1 Understand Low
2 Define the functions of an operating system. CO1 Remember Low
What is the difference between system
3 CO1 Understand Medium
software and application software?
4 What is a kernel? CO1 Understand Low

5 List the concept of multitasking. CO1 Remember Low

6 List the types of operating systems. CO1 Remember Low

7 What is batch processing? CO1 Understand Low
8 Define the term real-time system. CO1 Remember Low
Define the role of an operating system in
9 CO1 Remember Low
computer security.
What is the difference between single-tasking
10 CO1 Understand Low
and multi-tasking?
11 Define the term virtual machine. CO1 Remember Low

12 What is an embedded operating system? CO1 Understand Low

13 List the goals of an operating system. CO1 Remember Low

What is the difference between a command-

14 line interface (CLI) and a graphical user CO1 Understand Medium
interface (GUI)?
What are the advantages of an OS that
15 CO1 Understand Low
supports multi-user functionality?

Prepared by
Page 9
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping
Explain the organization and architecture of
1 CO1 Understand Medium
a computer system.
2 Explain the types of operating systems. CO1 Understand Medium
Describe the primary operations of an
3 CO1 Understand Medium
operating system.
Discuss the concept of system calls and
4 CO1 Understand Medium
explain with an example.
Explain the kernel data structures in an
5 CO1 Understand Medium
operating system.
Compare different types of operating
6 systems: Batch, Time Sharing, and Real- CO1 Evaluate High
Time.
Describe the services provided by an
7 CO1 Understand Medium
operating system.

Discuss the design and implementation of an

8 CO1 Understand Medium
operating system.

Explain the process of building and booting

9 CO1 Understand Medium
an operating system.

Prepared by
Page 10
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 UNIT– II
PROCESS MANAGEMENT

PART–A
CO
Q. No Questions BT Level Complexity
Mapping
1 What is a process? CO2 Understand Low

2 List the process states in process management. CO2 Remember Low

3 What is a process control block? CO2 Understand Low

What is the difference between a process and a
4 CO2 Understand Low
program?
Define a thread and its advantages over
5 CO2 Remember Low
processes.
6 What is process synchronization? CO2 Understand Low

7 Define a race condition. CO2 Remember Low

What is mutual exclusion in process
8 CO2 Understand Low
synchronization?
9 Define context switching. CO2 Remember Low

10 What is a process state diagram? CO2 Understand Low

What are the differences between preemptive
11 CO2 Understand Medium
and non-preemptive scheduling?

Prepared by
Page 11
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PART–B
CO
Q.No Questions BT Level Complexity
Mapping
Describe the various states of a process with
1 CO2 Understand Medium
neat diagram.
2 Explain Process Control Block in detail. CO2 Understand Medium
Explain the difference between preemptive
3 CO2 Understand Medium
and non-preemptive scheduling algorithm.
Analyze the concept of process scheduling and
4 CO2 Analyze High
why it is important in OS management.
Consider the following processes with their
arrival times and burst times (in milliseconds):

Arrival Burst
Process
Time Time

P1 0 5

P2 1 3

P3 2 8
5 CO2 Create High
P4 3 6
Using FCFS scheduling, calculate the
following:
• Turnaround Time for each process
• Waiting Time for each process
• Average Turnaround Time
• Average Waiting Time
Consider the following processes with their
burst times:

Burst
6 Process CO2 Create High
Time

P1 6

P2 8

Prepared by
Page 12
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 P3 7

P4 3

Using Non-Preemptive SJF scheduling,

calculate:
• Completion Time for each process
• Waiting Time for each process
• Turnaround Time for each process
• Average Waiting Time
• Average Turnaround Time
Consider the following processes with their
burst times and priority values. Lower priority
numbers represent higher priority (i.e., 1 is the
highest priority).
Proces Burst
Priority
s Time

P1 6 2

P2 8 1

P3 7 3
7 CO2 Create High
P4 3 4

Using Non-Preemptive Priority Scheduling,

calculate:
• Completion Time for each process
• Turnaround Time for each process
• Waiting Time for each process
• Average Waiting Time
• Average Turnaround Time

Consider the following processes with their

8 CO2 Create High
burst times and a time quantum of 4 units:

Prepared by
Page 13
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 Burst
Process
Time

P1 6

P2 8

P3 7

P4 3

Using Round Robin scheduling, calculate:

• Completion Time for each process
• Waiting Time for each process
• Turnaround Time for each process
• Average Waiting Time
• Average Turnaround Time

Prepared by
Page 14
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 UNIT – III

MEMORY MANAGEMENT AND FILE SYSTEMS

PART–A

CO
Q. No Questions BT Level Complexity
Mapping
1 What is memory management? CO3 Understand Low
2 What is contiguous memory allocation? CO3 Understand Low
3 Define paging in memory management. CO3 Remember Low

4 What is segmentation in memory management? CO3 Understand Low

5 What are the page faults? CO3 Understand Low

6 What is virtual memory and how does it work? CO3 Understand Low
What is the difference between physical and
7 CO3 Understand Medium
virtual memory?
8 What is the principle of locality of reference? CO3 Understand Low

9 Define page replacement algorithm. CO3 Remember Low

What is the least recently used (LRU) page
10 CO3 Understand Medium
replacement algorithm?
11 What is thrashing in memory management? CO3 Understand Medium
12 What is the concept of dynamic partitioning? CO3 Understand Low
13 What is a page table? CO3 Understand Low
14 What are the advantages of segmentation? CO3 Understand Low
15 Define memory fragmentation. CO3 Remember Low

Prepared by
Page 15
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping
Discuss the various memory management
1 CO3 Understand Medium
techniques used in an operating system.

Explain the page replacement algorithms with

2 CO3 Understand Medium
example.
Describe the concept of fragmentation and its
3 CO3 Understand Medium
effects on memory management.
4 Explain the File system concept. CO3 Understand Medium
Explain the role of kernel memory in operating
5 CO3 Understand Medium
system functioning.
Evaluate the effectiveness of the FIFO page
6 replacement algorithm in comparison to other CO3 Evaluate High
algorithms like LRU.
Discuss the different file allocation methods used
7 CO3 Understand Medium
in operating systems.

Prepared by
Page 16
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 UNIT – IV

SECURE SYSTEMS AND VERIFIABLE SECURITY GOALS

PART–A

CO
Q. No Questions BT Level Complexity
Mapping
1 What are the main security goals in a system? CO4 Understand Low

2 What is a trust model in security? CO4 Understand Low

3 Define the term access control. CO4 Remember Low

How is the Bell-LaPadula model used for

4 CO4 Understand Low
security?

5 Define Biba Integrity model. CO4 Remember Low

6 Define the Low-Water Mark Integrity model. CO4 Remember Low

What is the purpose of the Denning’s Lattice
7 CO4 Understand Low
model?
8 What is information flow Integrity? CO4 Understand Low
What is the main objective of the Clark-Wilson
9 CO4 Understand Medium
Integrity model?
What is the difference between Discretionary
10 Access Control (DAC) and Mandatory Access CO4 Understand Medium
Control (MAC)?
11 What is the role of a secure Operating System? CO4 Understand Low

Prepared by
Page 17
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping
Discuss the various security goals of a system and
1 explain their importance in the design of secure CO4 Understand Medium
systems.

2 Explain the types of disk scheduling algorithms. CO4 Understand Medium

Describe the structure of a directory in a file

3 CO4 Understand Medium
system.
Explain the concept of separation of duties in the
4 CO4 Understand Medium
Clark-Wilson model.
Discuss Denning’s Lattice Model and the Bell-
5 CO4 Understand Medium
LaPadula Model.

6 Explain the Access Control Fundamentals. CO4 Understand Medium

Prepared by
Page 18
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 UNIT – V

SECURITY IN OPERATING SYSTEMS

PART–A

CO
Q. No Questions BT Level Complexity
Mapping
What is the importance of encryption in
1 CO5 Understand Low
computer security?
What is the difference between symmetric and
2 CO5 Understand Medium
asymmetric encryption?
What are the basic principles of information
3 CO5 Understand Low
security?
4 Define firewall. CO5 Remember Low

What is the purpose of an intrusion detection

5 CO5 Understand Low
system?

6 Write short notes on public key infrastructure. CO5 Understand Low

7 What is authentication? CO5 Understand Low
What is the importance of encryption in
8 CO5 Understand Low
computer security?

Prepared by
Page 19
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 PART–B
CO
Q. No Questions BT Level Complexity
Mapping
1 Describe the UNIX Security Model. CO5 Understand Medium
Explain the Windows Protection System and how it
2 CO5 Understand Medium
defends against malicious attacks.
3 Explain the role of cryptography in OS security. CO5 Understand Medium
Describe the process of authentication and
4 CO5 Understand Medium
authorization in an operating system.
Explain the concept of Address Space Layout
5 CO5 Understand Medium
Randomization (ASLR).
Evaluate the effectiveness of encryption methods in
6 CO5 Evaluate High
securing data stored on an operating system.

Prepared by
Page 20
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology
 THANK YOU

ALL THE BEST

Prepared by
Page 21
Mrs. A . Apoorvavalli
J. J. College of Engineering And Technology