Computer Science/IT MCQs
Topic Notes: Computer Science/IT
MCQs and preparation resources for competitive exams, covering important concepts, past papers, and detailed explanations.
Plato
- Biography: Ancient Greek philosopher (427–347 BCE), student of Socrates and teacher of Aristotle, founder of the Academy in Athens.
- Important Ideas:
- Theory of Forms
- Philosopher-King
- Ideal State
5201
A "host-based" IDS (HIDS) is designed to monitor what?
Answer:
The characteristics of a single computer system, including system logs and file integrity.
A host-based IDS is installed on a specific host (like a server or workstation). It focuses on the internal activities of that machine, looking for signs of compromise such as changes to critical system files, suspicious processes, or unauthorized login attempts.
5202
The HTTPS protocol in your web browser's address bar uses what to encrypt traffic between your browser and the website?
Answer:
A combination of symmetric and asymmetric encryption (TLS/SSL).
HTTPS uses Transport Layer Security (TLS), formerly SSL. TLS uses asymmetric encryption (like RSA) for the initial "handshake" to securely exchange a symmetric key. It then uses the much faster symmetric encryption (like AES) to encrypt the actual data for the rest of the session.
5203
For the highest security, where should the secret key for a TOTP authenticator app be stored?
Answer:
In a secure hardware element on the smartphone.
Modern smartphones have a secure enclave or similar hardware-based secure storage area that is isolated from the main operating system. Storing sensitive data like MFA secret keys in this secure element provides strong protection against malware that might infect the phone.
5204
The "right to be forgotten" (or right to erasure) is a key provision of which regulation?
Answer:
GDPR
Article 17 of the GDPR gives individuals the right to have their personal data erased under certain circumstances, such as when the data is no longer necessary for the purpose it was collected or when the individual withdraws consent.
5205
What is the primary goal of a Denial-of-Service (DoS) attack?
Answer:
To make a machine or network resource unavailable to its intended users.
A DoS attack aims to overwhelm a target system with a flood of illegitimate requests, consuming its resources (like bandwidth or processing power) so that it cannot respond to legitimate traffic.
5206
What does a "network-based" IDS (NIDS) monitor?
Answer:
The traffic passing through a specific point on a network, such as a switch or router.
A NIDS is deployed at a strategic point in the network to analyze traffic from all the devices on that segment. It is designed to detect threats like port scans, DoS attacks, or malware spreading across the network.
5207
What is a primary challenge for an encrypted traffic inspection system (like an SSL proxy)?
Answer:
It requires breaking the end-to-end encryption to inspect the traffic, which can create privacy concerns and technical complexities.
To inspect encrypted (HTTPS) traffic, a security device must perform a form of "man-in-the-middle" interception. It decrypts the traffic, inspects it, and then re-encrypts it before sending it on. This process, while necessary for security, can be complex to implement correctly and raises significant privacy questions.
5208
An "evil twin" attack is most likely to be found in which environment?
Answer:
A public Wi-Fi hotspot area.
An evil twin attack involves an attacker setting up a fraudulent Wi-Fi access point that appears to be a legitimate one (e.g., "Airport_Free_WiFi"). When users connect to this "evil twin," the attacker can monitor and intercept all of their internet traffic.
5209
A "smurf" attack is a type of:
Answer:
DDoS attack that uses ICMP packets.
A smurf attack is a type of DDoS attack in which an attacker sends a large number of ICMP "ping" packets to a network broadcast address, with the source IP spoofed to be the victim's address. This causes all the devices on the network to reply to the victim, overwhelming it with traffic.
5210
In the context of cryptography, what is "entropy"?
Answer:
The measure of randomness or unpredictability used to generate cryptographic keys.
Cryptographic systems require a source of high-quality randomness (entropy) to generate strong, unpredictable keys. This entropy can be gathered from unpredictable sources like mouse movements, keyboard timings, or electrical noise.