Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
Which part of an operating system (OS) is responsible for providing security interfaces among the hardware, OS, and other parts of the computing system?
The Security Kernel is the part of an operating system responsible for providing security interfaces among the hardware, OS, and other parts of the computing system. It acts as the core of the Trusted Computing Base (TCB) and implements the fundamental security procedures for controlling access to system resources. It is required to mediate all access, ensuring that security policies are enforced. The Security Kernel ensures secure interactions and prevents unauthorized access, making it the critical component in the OS for providing security interfaces.
Answer D Security Kernal : In computer and communications security, the central part of a computer or communications system hardware, firmware, and software that implements the basic security procedures for controlling access to system resources. TCB : The trusted computing base (TCB) of a computer system is the set of all hardware, firmware, and/or software components that are critical to its security, in the sense that bugs or vulnerabilities occurring inside the TCB might jeopardize the security properties of the entire system. By contrast, parts of a computer system outside the TCB must not be able to misbehave in a way that would leak any more privileges than are granted to them in accordance to the security policy. Reference Monitor: reference monitor concept defines a set of design requirements on a reference validation mechanism, which enforces an access control policy over subjects' (e.g., processes and users) ability to perform operations (e.g., read and write) on objects (e.g., files and sockets) on a system. The properties of a reference monitor are captured by the acronym NEAT https://en.m.wikipedia.org/wiki/Security_kernel
The kernal is close to the hardware and with UEFI we can do secure boot wich give us more security. Agree with "D"
It is D for me but we are not talking about kernel in the strict form here. Security kernel is part of the OS
D is correct
Kernel relates to relationships between objects in the OS, the Refence Monitor refers to access rights subjects have to those objects so I'm going with D
The reference monitor stands between every subject and object, verifying that a requesting subject's credentials meet the object's access requirements before any requests are allowed to proceed. Effectively, the reference monitor is the access control enforcer for the TCB. ( (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide, 9th Edition, chapter 8 - Reference Monitors and Kernels)
ANSWER: A See : ISC2 CISSP Official Study Guide (9th ed). The reference monitor stands between every subject and object, verifying that a requesting subject's credentials meet the object's access requirements. The reference monitor is a PART of the overall kernel.
I have the same book and it says that "the reference monitor is an access concept or abstract machine...NOT a physical component." With that, I would lead toward D since the questions seems to look for physical component that interfaces with HW, OS, etc. pg.766
Going with D Hardware, firmware, and software elements of a trusted computing base implementing the reference monitor concept. Security kernel must mediate all accesses, be protected from modification, and be verifiable as correct. https://csrc.nist.gov/glossary/term/security_kernel#:~:text=Definition(s)%3A,and%20be%20verifiable%20as%20correct.
B. Trusted Computing Base (TCB) The Trusted Computing Base (TCB) in an operating system is responsible for providing security interfaces among the hardware, OS, and other components of the computing system. It represents the set of components and processes that are critical for security and that must be trusted to enforce the system's security policy. The TCB includes the security kernel, which is responsible for enforcing security policies and protecting against unauthorized access and actions.
Is the answer a? It is marked as correct.
The key to the question is what part of the OS. D) Security Kernel is physically part of the OS and reference monitor is the theory of how it is supposed to do it's job. https://www.cm-alliance.com/cissp/trusted-computing-base/-tcec-itsec-and-common-criteria#:~:text=a%20computing%20device.-,Security%20Kernel,security%20policy%20(Reference%20Monitor).
Answer D) Security Kernel https://www.cse.psu.edu/~trj1/cse443-s12/docs/ch6.pdf
D - Reference Monitor is conceptual and TCB is an architecture This link does a nice job of explaining it in detail https://www.pearsonitcertification.com/articles/article.aspx?p=1998558&seqNum=3
Security Kernel: The collection of the TCB components that implment the functionality of the reference monitor. The central part of a computer system (hardware, software or firmware) that implements the fundamental security procedures for controlling access to system resources Reference Monitor: Logical part of the TCB that confirms whether a subject has the right to use a resource prior to granting access. Mediates all access between Subjects and Objects.
D Security Kernel looks to be correct for reasons already listed. They're asking about a part of an OS.
Please read what is refernce monitor properly, its an abstract, an idea, (as per CISSP official textbook) the outcome of that abstract is implemente as the security kernel.
C. The reference monitor validates access to every resource prior to granting the requested access. The other options are incorrect. Option D, the security kernel, is the collection of TCB components that work together to implement the reference monitor functions. In other words, the security kernel is the implementation of the reference monitor concept. Option A, a TCB partition, and option B, a trusted library, are not valid TCB concept components.
The answer is A. A. The reference monitor validates access to every resource prior to granting the requested access. The other options are incorrect. Option D, the security kernel, is the collection of TCB components work together to implement the reference monitor functions. In other words, the security kernel is the implementation of the reference monitor concept. Option B, a TCB partition, and option C, a trusted library, are not valid TCB concept components.
The answer is D because the Security kernel is the part of an operating system responsible for providing security interfaces among the hardware, OS, and other parts of the computing system, not A.
D Security Kernel looks to be correct for reasons already listed. They're asking about a part of an OS. Pass4surexams CISSP study material is top-notch! Their verified questions and answers helped me ace the certification exam with guaranteed success. 100% valid and legit