Virtual storage combines RAM and secondary storage for system memory. Which of the following is a security concern pertaining to virtual storage?

A.
More than one process uses the same resource.

B.
It allows cookies to remain persistent in memory.

C.
It allows for side-channel attacks to take place.

D.
Two processes can carry out a denial-of-service.

Explanation:
A: When RAM and secondary storage are combined, the result is virtual memory. The system uses hard drive spacecalled swap spacethat is reserved for the
purpose of extending its RAM memory space. When a system fills up its volatile memory space, it writes data from memory onto the hard drive. When a program
requests access to this data, it is brought from the hard drive back into memory in specific units, called page frames. Accessing data that is kept in pages on the hard
drive takes more time than accessing data kept in memory because physical disk read/write access has to take place. There are internal control blocks, maintained by
the operating system, to keep track of what page frames are residing in RAM, and what is available “offline,” ready to be called into RAM for execution or processing, if
needed. The payoff is that it seems as though the system can hold an incredible amount of information and program instructions in memory. A security issue with using
virtual swap space is that two or more processes use the same resource and the data could be corrupted or compromised.
B is incorrect because virtual storage is not related to cookies. Virtual storage uses hard drive space to extend its RAM memory space. Cookies are small text files
used mainly by Web browsers. The cookies can contain credentials for Web sites, site preference settings, or shopping histories. Cookies are also commonly used to
maintain Web server-based sessions.
C is incorrect because a side-channel attack is a nonintrusive attack. In this type of attack, the attacker gathers information about how a mechanism (such as a smart
card or encryption processor) works from the radiation that is given off, time taken to carry out processing, power consumed to carry out tasks, etc. This information is
used to reverse-engineer the mechanism to uncover how it carries out its security tasks. This is not related to virtual storage.
D is incorrect because the biggest threat within a system that has shared resources between processes, as operating systems have to share memory between all
resources, is that one process will negatively interfere with the other process’ resource. This is especially true with memory, since all data and instructions are stored
there, whether they are sensitive or not. While it is possible for two processes to work together to carry out a denial-of-service attack, this is only one type of attack that
can be carried out with or without the use of virtual storage.