Exam CISSP topic 1 question 138 discussion

You're right. I had to ask AI just to find this out. Memory segmentation was widely used in older computer architectures, particularly in the 1980s and early 1990s. The Intel x86 architecture, for example, relied on segmentation in both real mode and protected mode. However, as systems evolved, the complexity and limitations of segmentation led to its decline in favor of paging and other memory management techniques. By the late 1990s and early 2000s, most modern operating systems and CPUs had largely moved away from segmentation — Modern systems often rely more on techniques like paging, ASLR (Address Space Layout Randomization) and other mechanisms for memory protection, which offer greater flexibility and efficiency.

20 yrs in IT, never heard of memory segmentation, closest thing to it is containersation but dont know of any OS flavours you can actually carve up the available RAM.

Memory protection using segmentation is a method of dividing system memory into different segments to control and protect memory access. It is commonly used in x86 architecture systems, where the global descriptor table (GDT) and local descriptor table (LDT) are used to define memory segments and access permissions for different processes or segments of memory.

Segmentation (option C) is still the most common method of memory protection. While error correction (option A) is also a method used to protect memory from errors, it is not as commonly used as segmentation, because it requires expensive hardware (ECC memory and processors that support such memory). Segmentation is widely used in modern operating systems to partition memory into segments and to assign different levels of access permissions to each segment, which helps protect the system from unauthorized access and malicious attacks. Virtual local area network (VLAN) tagging (option B) is a network security technique used to partition a physical network into multiple virtual networks, and compartmentalization (option D) is a technique used to separate different types of data and processes into isolated compartments to reduce the impact of a security breach.

The MOST common method of memory protection is segmentation. Segmentation refers to dividing the memory into logical segments or sections, each with its own access rights and permissions. This allows for the isolation and protection of different parts of memory, preventing unauthorized access or modification. Segmentation helps enhance the security and stability of the system by limiting the impact of errors or malicious activities within a specific memory segment.

Memory protection is a way to control memory access rights on a computer, and is a part of most modern instruction set architectures and operating systems. The x86 architecture has multiple segmentation features, which are helpful for achieving this memory protection. A segment is identified by a reference to a memory location and a segment descriptor may limit access rights, e.g., read only, only from certain rings.

Memory Protection using Segmentation: It is a method of dividing the system memory into different segments. The data structures of x86 architecture of OS like local descriptor table and global descriptor table are used in the protection of memory.