1. Which of the following is NOT a necessary condition for a deadlock to occur?
A. Mutual Exclusion
B. Hold and Wait
C. Preemption
D. Circular Wait
Correct Answer: Preemption
Explanation: The four necessary conditions for deadlock are Mutual Exclusion, Hold and Wait, No Preemption, and Circular Wait. If Preemption is possible, a deadlock can be broken.
2. Which deadlock handling strategy involves ensuring that at least one of the necessary conditions for deadlock cannot hold?
A. Deadlock Avoidance
B. Deadlock Prevention
C. Deadlock Detection
D. Deadlock Recovery
Correct Answer: Deadlock Prevention
Explanation: Deadlock prevention ensures that at least one of the necessary conditions (Mutual Exclusion, Hold and Wait, No Preemption, Circular Wait) is never satisfied.
3. The Banker’s Algorithm is used for which purpose in an Operating System?
A. Deadlock Prevention
B. Deadlock Avoidance
C. Deadlock Detection
D. Deadlock Recovery
Correct Answer: Deadlock Avoidance
Explanation: The Banker’s Algorithm is a deadlock avoidance algorithm that checks if granting a request will leave the system in a safe state.
4. A system is in a 'safe state' if:
A. There is no deadlock.
B. There exists a safe sequence of all processes.
C. All resources are currently free.
D. No process is waiting for resources.
Correct Answer: There exists a safe sequence of all processes.
Explanation: A system is in a safe state only if there exists a safe sequence where resources can be allocated to processes in some order such that all processes can complete execution.
5. In a Resource Allocation Graph, if the graph contains no cycles, then:
A. A deadlock exists.
B. A deadlock may exist.
C. No deadlock exists.
D. The system is in an unsafe state.
Correct Answer: No deadlock exists.
Explanation: If a Resource Allocation Graph contains no cycles, then no deadlock exists. A cycle is a necessary condition for deadlock in this graph model.
6. Which technique addresses the 'Circular Wait' condition to prevent deadlock?
A. Spooling resources
B. Requesting all resources at the start
C. Imposing a total ordering of all resource types
D. Allowing preemption
Correct Answer: Imposing a total ordering of all resource types
Explanation: Circular wait can be prevented by assigning a unique number to each resource type and requiring processes to request resources in increasing order of enumeration.
7. What is the primary difference between a Virus and a Worm?
A. A virus is harmless; a worm is malicious.
B. A virus requires a host program to spread; a worm can replicate independently.
C. A worm infects hardware; a virus infects software.
D. A virus spreads via network only; a worm spreads via disk.
Correct Answer: A virus requires a host program to spread; a worm can replicate independently.
Explanation: A virus attaches itself to another program (host) to execute and spread, whereas a worm is a standalone program that replicates itself to spread to other computers.
8. Which of the following describes 'Starvation'?
A. Two processes waiting indefinitely for each other.
B. A process waiting indefinitely because other processes are constantly favored.
C. The system crashing due to memory overload.
D. A security breach in the kernel.
Correct Answer: A process waiting indefinitely because other processes are constantly favored.
Explanation: Starvation (or indefinite blocking) occurs when a process is ready to execute but waits indefinitely because the scheduler or resource allocator consistently gives preference to other processes.
9. A 'Trapdoor' (or Backdoor) in a system is:
A. A hardware failure.
B. A mechanism to bypass security controls.
C. A type of antivirus software.
D. A protocol for secure file transfer.
Correct Answer: A mechanism to bypass security controls.
Explanation: A trapdoor or backdoor is a method (often left by developers) to bypass normal authentication or security procedures to gain access to a system.
10. Which attack involves overwriting a memory area to corrupt data or execute malicious code?
A. Phishing
B. Buffer Overflow
C. Sniffing
D. Denial of Service
Correct Answer: Buffer Overflow
Explanation: A Buffer Overflow occurs when a program writes more data to a buffer than it can hold, overwriting adjacent memory which can be exploited to run malicious code.
11. Which component of the Access Matrix model represents the protection domain?
A. The column
B. The row
C. The intersection cell
D. The file system
Correct Answer: The row
Explanation: In an Access Matrix, rows represent domains (or subjects/processes), and columns represent objects (resources). The entries determine the access rights.
12. Implementing an Access Matrix by storing a list of objects and rights with each domain is known as:
A. Access Control List (ACL)
B. Capability List
C. Global Table
D. Lock-key mechanism
Correct Answer: Capability List
Explanation: A Capability List is associated with a domain (row-based) and lists all objects that the domain can access along with the specific rights.
13. The 'Principle of Least Privilege' states that:
A. Users should have maximum access to ensure efficiency.
B. Programs and users should be given just enough privileges to perform their task.
C. Security should be handled only by the OS kernel.
D. All users should have the same privilege level.
Correct Answer: Programs and users should be given just enough privileges to perform their task.
Explanation: This principle dictates that a subject should be given only those privileges that are necessary to complete its assigned task to minimize potential damage.
14. Which of the following is a method for Deadlock Recovery?
A. Banker's Algorithm
B. Process Termination
C. Wait-for Graph
D. Ordering Resources
Correct Answer: Process Termination
Explanation: Deadlock recovery involves breaking the deadlock cycle, often by aborting (terminating) one or all of the deadlocked processes or preempting resources.
15. What is 'Cache Poisoning'?
A. Physically damaging the cache memory.
B. Introducing false information into a DNS or ARP cache.
C. Filling the cache so no valid data can be stored.
D. Encrypting the cache so the CPU cannot read it.
Correct Answer: Introducing false information into a DNS or ARP cache.
Explanation: Cache poisoning (e.g., DNS spoofing) involves entering corrupt data into a cache database, causing the server to return an incorrect IP address and diverting traffic.
16. In the context of Deadlock Detection with single instances of each resource type, which structure is used?
A. Banker's Matrix
B. Wait-for Graph
C. Gantt Chart
D. Access Control List
Correct Answer: Wait-for Graph
Explanation: For single instances of resources, a Wait-for Graph (a variation of the Resource Allocation Graph) is used. A cycle in the Wait-for Graph indicates a deadlock.
17. Which of the following is an example of a 'Program Threat'?
A. Phishing email
B. Trojan Horse
C. Shoulder surfing
D. Dumpster diving
Correct Answer: Trojan Horse
Explanation: A Trojan Horse is a program threat; it appears to be useful software but performs malicious actions (like stealing data) in the background.
18. The practice of adding a random string to a password before hashing it is called:
A. Salting
B. Phishing
C. Snooping
D. Spoofing
Correct Answer: Salting
Explanation: Salting involves adding random data (salt) to a password before hashing to protect against dictionary attacks and rainbow table attacks.
19. Which recovery method involves rolling back a process to a safe checkpoint?
A. Process Termination
B. Resource Preemption
C. Starvation
D. Mutual Exclusion
Correct Answer: Resource Preemption
Explanation: When preempting a resource to recover from deadlock, the process holding the resource is often rolled back to a safe checkpoint to restart later.
20. A 'Logic Bomb' is:
A. A hardware malfunction.
B. Code embedded in a legitimate program that executes when specific conditions are met.
C. A virus that spreads via email.
D. A type of firewall.
Correct Answer: Code embedded in a legitimate program that executes when specific conditions are met.
Explanation: A logic bomb is malicious code inserted into a program that lies dormant until a specific condition (like a date or a missing database entry) triggers it.
21. In an Access Control List (ACL) implementation, the permissions are associated with:
A. The Domain (User)
B. The Object (File/Resource)
C. The Operating System
D. The Network
Correct Answer: The Object (File/Resource)
Explanation: An ACL corresponds to a column in the Access Matrix. It is stored with the object and lists which domains can access that object and how.
22. Which of the following is a goal of Protection in an OS?
A. To increase CPU speed.
B. To ensure that resources are used only by those processes that have proper authorization.
C. To maximize memory fragmentation.
D. To prevent the user from installing applications.
Correct Answer: To ensure that resources are used only by those processes that have proper authorization.
Explanation: The main goal of protection is to provide a mechanism to control the access of programs, processes, or users to system resources.
23. What is the 'Ostrich Algorithm' in the context of deadlocks?
A. Detecting the deadlock and recovering.
B. Preventing the deadlock strictly.
C. Ignoring the deadlock problem altogether.
D. Avoiding the deadlock using probabilities.
Correct Answer: Ignoring the deadlock problem altogether.
Explanation: The Ostrich Algorithm refers to the strategy of ignoring potential deadlocks on the assumption that they occur very rarely and the cost of prevention is too high.
24. Which attack attempts to guess a password by trying every possible combination of characters?
A. Dictionary Attack
B. Brute Force Attack
C. Phishing
D. Trojan Horse
Correct Answer: Brute Force Attack
Explanation: A Brute Force attack involves systematically checking all possible keys or passwords until the correct one is found.
25. What is a 'Denial of Service' (DoS) attack?
A. Stealing user passwords.
B. Encrypting user data for ransom.
C. Preventing legitimate users from accessing a system or network.
D. Injecting a virus into the boot sector.
Correct Answer: Preventing legitimate users from accessing a system or network.
Explanation: A DoS attack aims to make a machine or network resource unavailable to its intended users, often by flooding it with superfluous requests.
26. The 'Need-to-Know' principle suggests:
A. Users must know everything about the system.
B. A process should only have access to resources currently required for its task.
C. All files should be readable by everyone.
D. Security is not necessary for internal networks.
Correct Answer: A process should only have access to resources currently required for its task.
Explanation: Need-to-know limits a process's access rights to only those resources it strictly requires to perform its current function.
27. Which of the following is NOT a standard method for user authentication?
A. Something the user knows (Password)
B. Something the user has (Smart card)
C. Something the user is (Biometrics)
D. Something the user wants (Desire)
Correct Answer: Something the user wants (Desire)
Explanation: Authentication is based on: what you know (passwords), what you have (tokens/cards), or what you are (biometrics). 'What you want' is not a factor.
28. In the context of protection, a 'Domain' implies:
A. A website address.
B. A set of access rights/privileges.
C. A physical location of the server.
D. The type of operating system used.
Correct Answer: A set of access rights/privileges.
Explanation: In protection systems, a domain is a set of objects and the operations that may be invoked on those objects (access rights).
29. Which deadlock prevention strategy denies the 'Hold and Wait' condition?
A. Preempting resources from a process.
B. Ordering resources numerically.
C. Requiring a process to request all resources before execution begins.
D. Using the Banker's Algorithm.
Correct Answer: Requiring a process to request all resources before execution begins.
Explanation: Hold and Wait is prevented by requiring processes to request and be allocated all necessary resources at once before starting execution.
30. What is 'Stack Smashing'?
A. Physical damage to the CPU stack.
B. A form of buffer overflow attack targeting the stack.
C. Compressing the stack to save memory.
D. Deleting the stack pointer.
Correct Answer: A form of buffer overflow attack targeting the stack.
Explanation: Stack smashing is a specific type of buffer overflow where the attacker overwrites the return address in the stack frame to redirect execution to malicious code.
31. A 'Polymorphic Virus' is one that:
A. Changes its signature or code every time it replicates to avoid detection.
B. Infects multiple operating systems.
C. Only attacks graphics files.
D. Cannot be removed.
Correct Answer: Changes its signature or code every time it replicates to avoid detection.
Explanation: Polymorphic viruses change their code (often via encryption) with every infection, making signature-based detection difficult.
32. What does 'Mutual Exclusion' mean in the context of deadlock?
A. Processes must share all resources.
B. At least one resource must be held in a non-sharable mode.
C. Resources can be preempted.
D. Processes wait in a circle.
Correct Answer: At least one resource must be held in a non-sharable mode.
Explanation: Mutual exclusion means that only one process can use a resource at a time. If another process requests it, it must wait.
33. Which of the following best describes 'Phishing'?
A. Flooding a network with traffic.
B. Intercepting Wi-Fi signals.
C. Social engineering via email/web to steal credentials.
D. Guessing passwords using a dictionary.
Correct Answer: Social engineering via email/web to steal credentials.
Explanation: Phishing is a fraudulent attempt to obtain sensitive information like usernames and passwords by disguising oneself as a trustworthy entity in electronic communication.
34. In the Lock-Key mechanism for access control:
A. Every user has a physical key.
B. Each object has a list of unique bit patterns (locks) and domains have patterns (keys).
C. The OS uses a master password.
D. It is identical to an Access Control List.
Correct Answer: Each object has a list of unique bit patterns (locks) and domains have patterns (keys).
Explanation: In this hybrid scheme, a domain has a list of keys, and an object has a list of locks. Access is granted only if a key matches one of the locks.
35. One-Time Passwords (OTP) are used primarily to prevent:
A. Buffer overflows.
B. Replay attacks.
C. Virus infections.
D. Deadlocks.
Correct Answer: Replay attacks.
Explanation: Since an OTP is valid for only one session or transaction, an attacker who intercepts (sniffs) the password cannot use it again, preventing replay attacks.
36. Which of the following is a 'System Threat' rather than a 'Program Threat'?
A. Trojan Horse
B. Virus
C. Worm
D. Trapdoor
Correct Answer: Worm
Explanation: While viruses and Trojans are program threats (requiring a host program), a Worm is often classified as a system threat because it uses system mechanisms (network) to spawn copies of itself independently.
37. If a process P1 is holding Resource R1 and waiting for R2, and P2 is holding R2 and waiting for R1, this is an example of:
A. Starvation
B. Circular Wait
C. Safe State
D. Preemption
Correct Answer: Circular Wait
Explanation: This describes a circular chain of processes where each is waiting for a resource held by the next member in the chain, a necessary condition for deadlock.
38. Secure communication over a network often relies on:
A. Short passwords.
B. Encryption and Cryptography.
C. Open access points.
D. Faster routers.
Correct Answer: Encryption and Cryptography.
Explanation: Encryption ensures confidentiality and integrity of data transmitted over insecure networks.
39. A Man-in-the-middle (MitM) attack involves:
A. An attacker secretly relaying and possibly altering communication between two parties.
B. An attacker guessing the password.
C. An attacker destroying the server hardware.
D. An attacker locking the database.
Correct Answer: An attacker secretly relaying and possibly altering communication between two parties.
Explanation: In MitM, the attacker sits between two communicating parties, impersonating each to the other to intercept or modify data.
40. A 'Stealth Virus' attempts to:
A. Encrypt the hard drive.
B. Hide its presence from the OS and antivirus software.
C. Make the screen go black.
D. Delete the boot sector immediately.
Correct Answer: Hide its presence from the OS and antivirus software.
Explanation: Stealth viruses use techniques to hide, such as intercepting system calls to return original file data instead of the infected data when scanned.
41. Which of the following is a weakness of the Global Table implementation of the Access Matrix?
A. It is too secure.
B. The table can become extremely large and cannot be kept in main memory.
C. It does not support file permissions.
D. It allows everyone to access everything.
Correct Answer: The table can become extremely large and cannot be kept in main memory.
Explanation: A global table stores a triple (domain, object, rights) for every permission. In a large system, this table becomes massive and inefficient to search.
42. When a system recovers from deadlock by rolling back a process, what issue must be addressed to prevent the same process from being picked repeatedly?
A. Starvation
B. Mutual Exclusion
C. Throughput
D. Latency
Correct Answer: Starvation
Explanation: If the victim selection algorithm is based solely on cost, the same process might always be picked as the victim, causing starvation. The number of rollbacks should be included in the cost factor.
43. What is the main disadvantage of Deadlock Detection compared to Deadlock Prevention?
A. It restricts resource usage.
B. It requires runtime overhead to run the detection algorithm.
C. It never finds deadlocks.
D. It requires user intervention.
Correct Answer: It requires runtime overhead to run the detection algorithm.
Explanation: Deadlock detection allows deadlocks to occur and then finds them. This requires CPU time to run the algorithm and maintain the resource graph, adding system overhead.
44. In protection systems, switching from one domain to another (Domain Switching) typically happens when:
A. A user logs out.
B. A process calls a system call or changes privilege level.
C. The computer is restarted.
D. A file is deleted.
Correct Answer: A process calls a system call or changes privilege level.
Explanation: Domain switching occurs, for example, when a user process executes a system call (switching from user domain to kernel domain) or when a process gains new privileges.
45. The 'Confidentiality' aspect of security ensures that:
A. Assets are accessible to authorized parties.
B. Assets can only be modified by authorized parties.
C. Assets are accessible only to authorized parties.
D. The system is always running.
Correct Answer: Assets are accessible only to authorized parties.
Explanation: Confidentiality (or Secrecy) ensures that information is not disclosed to unauthorized individuals, entities, or processes.
46. Which of the following is an example of a 'Day Zero' or 'Zero-Day' attack?
A. An attack that happens at midnight.
B. An attack exploiting a vulnerability before the developer knows about it or has a fix.
C. An attack that deletes 0 bytes.
D. An attack using 0s and 1s.
Correct Answer: An attack exploiting a vulnerability before the developer knows about it or has a fix.
Explanation: A Zero-Day attack exploits a software vulnerability on the same day (or before) the vendor becomes aware of it, meaning no patch exists yet.
47. Password 'Salting' makes which specific type of attack much more difficult?
A. Brute Force
B. Dictionary Attack using Rainbow Tables
C. Phishing
D. Social Engineering
Correct Answer: Dictionary Attack using Rainbow Tables
Explanation: Salting ensures that the same passwords have different hashes. This renders pre-computed hash tables (Rainbow Tables) ineffective.
48. In the context of Application Security, 'Input Validation' helps prevent:
A. Deadlock
B. Buffer Overflow and SQL Injection
C. Starvation
D. Packet Sniffing
Correct Answer: Buffer Overflow and SQL Injection
Explanation: Validating input ensures that the data received by an application is well-formed, preventing malicious scripts or excessive data (overflows) from being processed.
49. What is 'Network Sniffing'?
A. Smelling the hardware for burning components.
B. Monitoring and capturing data packets passing through a network.
C. Cleaning the network cables.
D. Speeding up the network connection.
Correct Answer: Monitoring and capturing data packets passing through a network.
Explanation: Sniffing involves using software or hardware to intercept and log traffic passing over a digital network.
50. Which concept ensures that a modification to a system asset is done only in an authorized manner?
A. Availability
B. Confidentiality
C. Integrity
D. Authentication
Correct Answer: Integrity
Explanation: Integrity ensures that data or system resources are not modified, altered, or corrupted by unauthorized users.