Computer Architecture, Operation of Microprocessor, and the CISSP Exam

Certified Information Systems Security Professional (CISSP) is an independent information security certification granted by the International Information System Security Certification Consortium. CISSP is a standardized, vendor-neutral certification program that provided structure and demonstrated competence relevant to information security professionals.

The basic operation of a microprocessor consists of two distinct phases: fetch and execute. (It's not too different from what your dog does: You throw the stick, and he fetches the stick.) During the fetch phase, the CPU locates and retrieves a required instruction from memory. During the execute phase, the CPU decodes and executes the instruction. These two phases make up a basic machine cycle that's controlled by the CPU clock signals. Many complex instructions require more than a single machine cycle to execute.

The four operating states for a computer (CPU) are:

• Operating (or run) state: The CPU executes an instruction or instructions.

• Problem (or application) state: The CPU calculates a solution to an application-based problem. During this state, only a limited subset of instructions (non-privileged instructions) is available.

• Supervisory state: The CPU executes a privileged instruction, meaning that instruction is available only to a system administrator or other authorized user/process.

• Wait state: The CPU hasn't yet completed execution of an instruction and must extend the cycle.

The two basic types of CPU designs used in modern computer systems are:

• Complex-Instruction-Set Computing (CISC): Can perform multiple operations per single instruction. Optimized for systems in which the fetch phase is the longest part of the instruction execution cycle. CPUs that use CISC include Intel x86, PDP-11, and Motorola 68000.

• Reduced-Instruction-Set Computing (RISC): Uses fewer, simpler instructions than CISC architecture, requiring fewer clock cycles to execute. Optimized for systems in which the fetch and execute phases are approximately equal. CPUs that have RISC architecture include Alpha, PowerPC, and SPARC.

Microprocessors are also often described as scalar or superscalar. A scalar processor executes a single instruction at a time. A superscalar processor can execute multiple instructions concurrently.

Finally, many systems (microprocessors) are classified according to additional functionality (which must be supported by the installed operating system):

• Multitasking: Alternates the execution of multiple subprograms or tasks on a single processor.

• Multiprogramming: Alternates the execution of multiple programs on a single processor.

• Multiprocessing: Executes multiple programs on multiple processors simultaneously.

Two related concepts are multistate and multiuser systems that, more correctly, refer to operating system capabilities:

• Multistate: The operating system supports multiple operating states, such as single-user and multiuser modes in the UNIX/Linux world and Normal and Safe modes in the Windows world.

• Multiuser: The operating system can differentiate between users. For example, it provides different shell environments, profiles, or privilege levels for each user, as well as process isolation between users.

An important security issue in multiuser systems involves privileged accounts, and programs or processes that run in a privileged state. Programs such as su (UNIX/Linux) and RunAs (Windows) allow a user to switch to a different account, such as root or administrator, and execute privileged commands in this context. Many programs rely on privileged service accounts to function properly. Utilities such as IBM's Superzap, for example, are used to install fixes to the operating system or other applications.

This is an excerpt from:

If you're a security professional seeking your CISSP certification, this book is a perfect way to prepare for the exam. Covering in detail all eight domains, the expert advice gives you the key information you'll need to pass the exam with flying colors. Plus, you'll receive guidance on setting up a study plan, tips for exam day, and access to an online test bank of questions. After you earn your CISSP certification, learn how to grow as a security professional and put your certification to good use. So, put the odds in your favor and get started today!

How to prepare for the CISSP examination
An in-depth chapter on all eight certification domains
Advice on getting the most out of a CISSP certification
Tips on studying for the exam and a stress-free test day
Click here for more information.

Learn more at

More Windows Administration Information:
• Microsoft Security Essentials
• Computer Architecture, Software and Firmware, and the CISSP Exam
• Six Steps to Get and Keep Your Computer Running at Full Speed
• Phishing Attacks
• Computer Technician's Guide to Biometric Security Devices
• No Software on the Market Removes All Spyware
• How Hackers Crack Passwords
• Remove Stubborn Malware Infection With McAfee Labs Stinger
• An Introduction to Forensics Data Acquisition From Android Mobile Devices
• Seven Steps to a Secure Wireless Network