Computer Architecture, Main Memory, and the CISSP Exam

Certified Information Systems Security Professional (CISSP) is an independent information security certification granted by the International Information System Security Certification Consortium. CISSP is a standardized, vendor-neutral certification program that provided structure and demonstrated competence relevant to information security professionals.

Main memory (also known as main storage) is the part of the computer that stores programs, instructions, and data. The two basic types of physical (or real — as opposed to virtual — more on that later) memory are

• Random Access Memory (RAM): Volatile memory (data is lost if power is removed) is memory that can be directly addressed and whose stored data can be altered. RAM is typically implemented in a computer's architecture as cache memory and primary memory. The two main types of RAM are:

• Dynamic RAM (DRAM): Must be refreshed (the contents rewritten) every two milliseconds because of capacitance decay. Refreshing is accomplished by using multiple clock signals known as multiphase clock signals.

• Static RAM (SRAM): Faster than DRAM and uses circuit latches to represent data, so it doesn't need to be refreshed. Because SRAM doesn't need to be refreshed, a single-phase clock signal is used.

• Read-Only Memory (ROM): Nonvolatile memory (data is retained, even if power is removed) is memory that can be directly addressed but whose stored data can't be easily altered. ROM is typically implemented in a computer's architecture as firmware (which we discuss in the following section). Variations of ROM include

• Programmable Read-Only Memory (PROM): This type of ROM can't be rewritten.

• Erasable Programmable Read-Only Memory (EPROM): This type of ROM is erased by shining ultraviolet light into the small window on the top of the chip. (No, we aren't kidding.)

• Electrically Erasable Programmable Read-Only Memory (EEPROM): This type of ROM was one of the first that could be changed without UV light. Also known as Electrically Alterable Read-Only Memory (EAROM).

• Flash Memory: This type of memory is used in USB thumb drives.

Be sure you don't confuse the term "main storage" with the storage provided by hard drives.

Secondary Memory

Secondary memory (also known as secondary storage) is a variation of these two basic types of physical memory. It provides dynamic storage on nonvolatile magnetic media such as hard drives, solid-state drives, or tape drives (which are considered sequential memory because data can't be directly accessed — instead, you must search from the beginning of the tape). Virtual memory (such as a paging file, swap space, or swap partition) is a type of secondary memory that uses both installed physical memory and available hard-drive space to present a larger apparent memory space to the CPU than actually exists in main storage.

Two important security concepts associated with memory are the protection domain (also called protected memory) and memory addressing.

A protection domain prevents other programs or processes from accessing and modifying the contents of address space that's already been assigned to another active program or process. This protection can be performed by the operating system or implemented in hardware. The purpose of a protection domain is to protect the memory space assigned to a process so that no other process can read from the space or alter it. The memory space occupied by each process can be considered private.

Memory space describes the amount of physical memory available in a computer system (for example, 2 GB), whereas address space specifies where memory is located in a computer system (a memory address). Memory addressing describes the method used by the CPU to access the contents of memory. A physical memory address is a hard-coded address assigned to physically installed memory. It can only be accessed by the operating system that maps physical addresses to virtual addresses. A virtual (or symbolic) memory address is the address used by applications (and programmers) to specify a desired location in memory. Common virtual memory addressing modes include:

• Base addressing: An address used as the origin for calculating other addresses.

• Absolute addressing: An address that identifies a location without reference to a base address — or it may be a base address itself.

• Indexed addressing: Specifies an address relative to an index register. (If the index register changes, the resulting memory location changes.)

• Indirect addressing: The specified address contains the address to the final desired location in memory.

• Direct addressing: Specifies the address of the final desired memory location.

Don't confuse the concepts of virtual memory and virtual addressing. Virtual memory combines physical memory and hard drive space to create more apparent memory (or memory space). Virtual addressing is the method used by applications and programmers to specify a desired location in physical memory.

This is an excerpt from:

If you're a security professional seeking your CISSP certification, this book is a perfect way to prepare for the exam. Covering in detail all eight domains, the expert advice gives you the key information you'll need to pass the exam with flying colors. Plus, you'll receive guidance on setting up a study plan, tips for exam day, and access to an online test bank of questions. After you earn your CISSP certification, learn how to grow as a security professional and put your certification to good use. So, put the odds in your favor and get started today!

How to prepare for the CISSP examination
An in-depth chapter on all eight certification domains
Advice on getting the most out of a CISSP certification
Tips on studying for the exam and a stress-free test day
Click here for more information.

Learn more at

More Windows Administration Information:
• Five Critical Steps to Protect Your Personal Information and Computer
• FREE Antivirus Software AVG
• Turn On Your Browser's Phishing Filter
• Keep Your Firefox Browsing Private
• Flash Animations and Videos Install Viruses
• Six Steps to Get and Keep Your Computer Running at Full Speed
• Beginner's Guide to Computer Forensics
• What is Riskware or Grayware?
• Phishing Attacks
• The Ransomware Epidemic and What You Can Do