Computer Architecture, Main Memory, and the CISSP Exam
Certified Information Systems Security Professional (CISSP) is an independent information security
certification granted by the International Information System Security Certification Consortium.
CISSP is a standardized, vendor-neutral certification program that provided structure and demonstrated
competence relevant to information security professionals.
Main memory (also known as main storage) is the part of the computer that stores programs,
instructions, and data. The two basic types of physical (or real — as opposed to virtual —
more on that later) memory are
• Random Access Memory (RAM): Volatile memory (data is lost if power is removed)
is memory that can be directly addressed and whose stored data can be altered. RAM is typically
implemented in a computer's architecture as cache memory and primary memory. The two main types of RAM are:
• Dynamic RAM (DRAM): Must be refreshed (the contents
rewritten) every two milliseconds because of capacitance decay. Refreshing is accomplished by
using multiple clock signals known as multiphase clock signals.
• Static RAM (SRAM): Faster than DRAM and uses circuit
latches to represent data, so it doesn't need to be refreshed. Because SRAM doesn't need to be
refreshed, a single-phase clock signal is used.
• Read-Only Memory (ROM): Nonvolatile memory (data is retained, even if power
is removed) is memory that can be directly addressed but whose stored data can't be easily
altered. ROM is typically implemented in a computer's architecture as firmware (which we discuss
in the following section). Variations of ROM include
• Programmable Read-Only Memory (PROM): This type of
ROM can't be rewritten.
• Erasable Programmable Read-Only Memory (EPROM):
This type of ROM is erased by shining ultraviolet light into the small window on the top of
the chip. (No, we aren't kidding.)
• Electrically Erasable Programmable Read-Only Memory
(EEPROM): This type of ROM was one of the first that could be changed without UV light.
Also known as Electrically Alterable Read-Only Memory (EAROM).
• Flash Memory: This type of memory is used in USB thumb drives.
Be sure you don't confuse the term "main storage" with the storage provided by hard drives.
Secondary memory (also known as secondary storage) is a variation of these two basic
types of physical memory. It provides dynamic storage on nonvolatile magnetic media such as
hard drives, solid-state drives, or tape drives (which are considered sequential memory because
data can't be directly accessed — instead, you must search from the beginning of the tape).
Virtual memory (such as a paging file, swap space, or swap partition) is a type of secondary
memory that uses both installed physical memory and available hard-drive space to present a
larger apparent memory space to the CPU than actually exists in main storage.
Two important security concepts associated with memory are the protection domain (also
called protected memory) and memory addressing.
A protection domain prevents other programs or processes from accessing and modifying
the contents of address space that's already been assigned to another active program or process.
This protection can be performed by the operating system or implemented in hardware. The purpose
of a protection domain is to protect the memory space assigned to a process so that no other
process can read from the space or alter it. The memory space occupied by each process can
be considered private.
Memory space describes the amount of physical memory available in a computer system (for
example, 2 GB), whereas address space specifies where memory is located in a computer system
(a memory address). Memory addressing describes the method used by the CPU to access the contents
of memory. A physical memory address is a hard-coded address assigned to physically installed
memory. It can only be accessed by the operating system that maps physical addresses to virtual
addresses. A virtual (or symbolic) memory address is the address used by applications (and
programmers) to specify a desired location in memory. Common virtual memory addressing modes include:
• Base addressing: An address used as the origin for calculating other addresses.
• Absolute addressing: An address that identifies a location without reference
to a base address — or it may be a base address itself.
• Indexed addressing: Specifies an address relative to an index register.
(If the index register changes, the resulting memory location changes.)
• Indirect addressing: The specified address contains the address to the
final desired location in memory.
• Direct addressing: Specifies the address of the final desired memory location.