Computer Science/IT MCQs
Topic Notes: Computer Science/IT
MCQs and preparation resources for competitive exams, covering important concepts, past papers, and detailed explanations.
Plato
- Biography: Ancient Greek philosopher (427–347 BCE), student of Socrates and teacher of Aristotle, founder of the Academy in Athens.
- Important Ideas:
- Theory of Forms
- Philosopher-King
- Ideal State
5231
A race condition is a vulnerability that occurs when:
Answer:
The outcome of a process depends on the specific timing or sequence of uncontrollable events.
In cybersecurity, a race condition vulnerability can be exploited by an attacker who influences the timing of events to bypass a security control. For example, an attacker might try to use a gift card twice by sending two simultaneous requests before the system can update the balance.
5232
What is a "hash function"?
Answer:
A function that takes an input of any size and produces a fixed-size string of characters, which is a one-way representation of the input.
A hash function creates a unique, fixed-length "digital fingerprint" of a piece of data. It's a one-way process; you cannot reverse the hash to get the original data. Hashing is used to verify data integrity and to store passwords securely.
5233
What is "steganography"?
Answer:
The practice of concealing a message, file, or image within another message, file, or image.
Unlike encryption, which scrambles a message to make it unreadable, steganography hides the very existence of the message. For example, a secret text message could be hidden within the pixel data of a seemingly innocent photograph.
5234
What is a "cipher"?
Answer:
The algorithm used for performing encryption or decryption.
A cipher, or cypher, is simply the set of rules or the algorithm that defines how encryption and decryption are performed. Examples include the AES cipher and the Caesar cipher.
5235
What is a "honeypot" in network security?
Answer:
A decoy computer system set up to attract and trap attackers, allowing security personnel to study their methods.
A honeypot is a trap. It is a system that is intentionally made to look vulnerable and attractive to attackers. By monitoring the honeypot, security teams can learn about new attack techniques and gather intelligence on their adversaries without risking their actual production systems.
5236
What is AI stand for?
Answer:
Artificial Intelligence
AI involves machines performing tasks that typically require human intelligence.
5237
A security system that detects a new type of attack by noticing a deviation from normal network traffic patterns is using what kind of detection method?
Answer:
Anomaly-based detection
Anomaly-based detection works by first establishing a baseline of "normal" network behavior. It then monitors traffic for any activity that deviates significantly from this baseline, which could indicate a new, previously unknown (zero-day) attack.
5238
What is a "zero-day" exploit?
Answer:
An attack that exploits a vulnerability that is unknown to the software vendor and for which no patch is available.
A "zero-day" exploit is highly dangerous because it targets a security flaw that developers have had "zero days" to fix. This means that even fully updated and patched systems are vulnerable until the vendor can develop and release a patch.
5239
What is "adaptive" or "risk-based" authentication?
Answer:
An authentication system that adapts its security requirements based on the risk level of the login attempt.
Adaptive authentication analyzes contextual clues during a login attempt, such as the user's location, IP address, time of day, and device. If the attempt seems risky (e.g., a login from a new country), the system can "step-up" the authentication and require an MFA challenge, whereas a low-risk login might not.
5240
What is the main goal of a firewall "egress filtering" policy?
Answer:
To inspect and control traffic leaving the network.
Egress filtering focuses on outbound traffic. Its purpose is to prevent internal threats, such as a malware-infected computer, from communicating with external command-and-control servers or exfiltrating stolen data from the network.