Computer Science/IT MCQs
Topic Notes: Computer Science/IT
MCQs and preparation resources for competitive exams, covering important concepts, past papers, and detailed explanations.
Plato
- Biography: Ancient Greek philosopher (427–347 BCE), student of Socrates and teacher of Aristotle, founder of the Academy in Athens.
- Important Ideas:
- Theory of Forms
- Philosopher-King
- Ideal State
5291
What is "cryptanalysis"?
Answer:
The study of analyzing and breaking cryptographic systems.
Cryptanalysis is the "code-breaking" side of cryptography. It involves studying ciphers and cryptographic protocols to find weaknesses and vulnerabilities that would allow an attacker to bypass the security they are supposed to provide.
5292
Why isn't email generally recommended as a second factor for authentication?
Answer:
Because email accounts are frequently compromised, which would allow an attacker to bypass the MFA.
If an attacker gains access to your email account (often through a separate phishing attack), and you are using that same email account to receive your 2FA codes, then the second factor provides no additional security. This is a single point of failure.
5293
An OTP that is generated based on a counter and a shared secret, and is used until a new one is requested, is known as:
Answer:
An HOTP (HMAC-based One-Time Password)
HOTP is an event-based OTP. A new code is generated either when a button is pressed on a hardware token or when the user requests one. Unlike TOTP, it does not expire after a set time.
5294
A "circuit-level gateway" is a type of firewall that:
Answer:
Works at the Session layer (Layer 5) and monitors TCP handshakes.
A circuit-level gateway is a simpler type of firewall that operates at the Session layer. It doesn't inspect the content of the packets but instead validates that a requested session is legitimate by monitoring the TCP handshake.
5295
Which of the following is an example of a symmetric encryption algorithm?
Answer:
AES
AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm. RSA (Rivest–Shamir–Adleman) and ECC (Elliptic Curve Cryptography) are examples of asymmetric algorithms.
5296
A "Caesar cipher," where each letter in the plaintext is shifted a certain number of places down the alphabet, is a simple example of:
Answer:
A substitution cipher (a type of symmetric encryption)
The Caesar cipher is one of the earliest and simplest forms of symmetric encryption. It uses a key (the number of shifts) to substitute each letter for another, and the same key is used to reverse the process.
5297
An "insider threat" refers to a security risk that originates from:
Answer:
Within the organization, such as from a current or former employee, contractor, or business partner.
An insider threat is a security risk that comes from someone who has authorized access to an organization's systems and data. This can be a malicious act (e.g., a disgruntled employee stealing data) or an unintentional one (e.g., an employee falling for a phishing scam).
5298
What is Multi-Factor Authentication (MFA)?
Answer:
?
MFA, also known as two-factor authentication (2FA), adds a critical second layer of security to user logins. Instead of just asking for a username and password, it requires additional evidence of the user's identity.
5299
What is the role of a SIEM (Security Information and Event Management) system?
Answer:
To collect, aggregate, and analyze log data from various security tools and network devices to provide a centralized view of security events.
A SIEM system is a central hub for security data. It gathers logs from firewalls, IDS/IPS, servers, and other sources, and then uses correlation rules to identify trends and potential security incidents from this massive amount of data.
5300
The Health Insurance Portability and Accountability Act (HIPAA) is a US federal law that regulates what type of information?
Answer:
Protected Health Information (PHI)
HIPAA establishes national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. It applies to healthcare providers, health plans, and other "covered entities."