Unit 4 - Practice Quiz

CSE316 50 Questions
0 Correct 0 Wrong 50 Left
0/50

1 Which of the following is NOT a necessary condition for a deadlock to occur?

A. Circular Wait
B. Preemption
C. Mutual Exclusion
D. Hold and Wait

2 Which deadlock handling strategy involves ensuring that at least one of the necessary conditions for deadlock cannot hold?

A. Deadlock Recovery
B. Deadlock Avoidance
C. Deadlock Prevention
D. Deadlock Detection

3 The Banker’s Algorithm is used for which purpose in an Operating System?

A. Deadlock Recovery
B. Deadlock Detection
C. Deadlock Avoidance
D. Deadlock Prevention

4 A system is in a 'safe state' if:

A. There is no deadlock.
B. All resources are currently free.
C. No process is waiting for resources.
D. There exists a safe sequence of all processes.

5 In a Resource Allocation Graph, if the graph contains no cycles, then:

A. A deadlock exists.
B. The system is in an unsafe state.
C. A deadlock may exist.
D. No deadlock exists.

6 Which technique addresses the 'Circular Wait' condition to prevent deadlock?

A. Allowing preemption
B. Spooling resources
C. Imposing a total ordering of all resource types
D. Requesting all resources at the start

7 What is the primary difference between a Virus and a Worm?

A. A virus spreads via network only; a worm spreads via disk.
B. A worm infects hardware; a virus infects software.
C. A virus is harmless; a worm is malicious.
D. A virus requires a host program to spread; a worm can replicate independently.

8 Which of the following describes 'Starvation'?

A. A process waiting indefinitely because other processes are constantly favored.
B. Two processes waiting indefinitely for each other.
C. A security breach in the kernel.
D. The system crashing due to memory overload.

9 A 'Trapdoor' (or Backdoor) in a system is:

A. A hardware failure.
B. A mechanism to bypass security controls.
C. A protocol for secure file transfer.
D. A type of antivirus software.

10 Which attack involves overwriting a memory area to corrupt data or execute malicious code?

A. Phishing
B. Sniffing
C. Buffer Overflow
D. Denial of Service

11 Which component of the Access Matrix model represents the protection domain?

A. The intersection cell
B. The row
C. The column
D. The file system

12 Implementing an Access Matrix by storing list of objects and rights with each domain is known as:

A. Lock-key mechanism
B. Global Table
C. Capability List
D. Access Control List (ACL)

13 The 'Principle of Least Privilege' states that:

A. Users should have maximum access to ensure efficiency.
B. Programs and users should be given just enough privileges to perform their task.
C. All users should have the same privilege level.
D. Security should be handled only by the OS kernel.

14 Which of the following is a method for Deadlock Recovery?

A. Process Termination
B. Banker's Algorithm
C. Wait-for Graph
D. Ordering Resources

15 What is 'Cache Poisoning'?

A. Physically damaging the cache memory.
B. Introducing false information into a DNS or ARP cache.
C. Encrypting the cache so the CPU cannot read it.
D. Filling the cache so no valid data can be stored.

16 In the context of Deadlock Detection with single instances of each resource type, which structure is used?

A. Banker's Matrix
B. Gantt Chart
C. Wait-for Graph
D. Access Control List

17 Which of the following is an example of a 'Program Threat'?

A. Phishing email
B. Trojan Horse
C. Shoulder surfing
D. Dumpster diving

18 The practice of adding a random string to a password before hashing it is called:

A. Spoofing
B. Snooping
C. Phishing
D. Salting

19 Which recovery method involves rolling back a process to a safe checkpoint?

A. Mutual Exclusion
B. Resource Preemption
C. Process Termination
D. Starvation

20 A 'Logic Bomb' is:

A. A type of firewall.
B. Code embedded in a legitimate program that executes when specific conditions are met.
C. A virus that spreads via email.
D. A hardware malfunction.

21 In an Access Control List (ACL) implementation, the permissions are associated with:

A. The Object (File/Resource)
B. The Domain (User)
C. The Network
D. The Operating System

22 Which of the following is a goal of Protection in an OS?

A. To prevent the user from installing applications.
B. To ensure that resources are used only by those processes that have proper authorization.
C. To increase CPU speed.
D. To maximize memory fragmentation.

23 What is the 'Ostrich Algorithm' in the context of deadlocks?

A. Preventing the deadlock strictly.
B. Detecting the deadlock and recovering.
C. Ignoring the deadlock problem altogether.
D. Avoiding the deadlock using probabilities.

24 Which attack attempts to guess a password by trying every possible combination of characters?

A. Brute Force Attack
B. Dictionary Attack
C. Phishing
D. Trojan Horse

25 What is a 'Denial of Service' (DoS) attack?

A. Stealing user passwords.
B. Preventing legitimate users from accessing a system or network.
C. Encrypting user data for ransom.
D. Injecting a virus into the boot sector.

26 The 'Need-to-Know' principle suggests:

A. Security is not necessary for internal networks.
B. A process should only have access to resources currently required for its task.
C. Users must know everything about the system.
D. All files should be readable by everyone.

27 Which of the following is NOT a standard method for user authentication?

A. Something the user wants (Desire)
B. Something the user has (Smart card)
C. Something the user is (Biometrics)
D. Something the user knows (Password)

28 In the context of protection, a 'Domain' implies:

A. A website address.
B. A physical location of the server.
C. The type of operating system used.
D. A set of access rights/privileges.

29 Which deadlock prevention strategy denies the 'Hold and Wait' condition?

A. Preempting resources from a process.
B. Ordering resources numerically.
C. Using the Banker's Algorithm.
D. Requiring a process to request all resources before execution begins.

30 What is 'Stack Smashing'?

A. Physical damage to the CPU stack.
B. Compressing the stack to save memory.
C. A form of buffer overflow attack targeting the stack.
D. Deleting the stack pointer.

31 A 'Polymorphic Virus' is one that:

A. Infects multiple operating systems.
B. Only attacks graphics files.
C. Changes its signature or code every time it replicates to avoid detection.
D. Cannot be removed.

32 What does 'Mutual Exclusion' mean in the context of deadlock?

A. At least one resource must be held in a non-sharable mode.
B. Processes wait in a circle.
C. Processes must share all resources.
D. Resources can be preempted.

33 Which of the following best describes 'Phishing'?

A. Guessing passwords using a dictionary.
B. Social engineering via email/web to steal credentials.
C. Flooding a network with traffic.
D. Intercepting Wi-Fi signals.

34 In the Lock-Key mechanism for access control:

A. The OS uses a master password.
B. It is identical to an Access Control List.
C. Every user has a physical key.
D. Each object has a list of unique bit patterns (locks) and domains have patterns (keys).

35 One-Time Passwords (OTP) are used to primarily prevent:

A. Virus infections.
B. Deadlocks.
C. Buffer overflows.
D. Replay attacks.

36 Which of the following is a 'System Threat' rather than a 'Program Threat'?

A. Trapdoor
B. Virus
C. Worm
D. Trojan Horse

37 If a process P1 is holding Resource R1 and waiting for R2, and P2 is holding R2 and waiting for R1, this is an example of:

A. Safe State
B. Preemption
C. Circular Wait
D. Starvation

38 Secure communication over a network often relies on:

A. Short passwords.
B. Faster routers.
C. Encryption and Cryptography.
D. Open access points.

39 Man-in-the-middle (MitM) attack involves:

A. An attacker locking the database.
B. An attacker secretly relaying and possibly altering communication between two parties.
C. An attacker guessing the password.
D. An attacker destroying the server hardware.

40 A 'Stealth Virus' attempts to:

A. Delete the boot sector immediately.
B. Hide its presence from the OS and antivirus software.
C. Encrypt the hard drive.
D. Make the screen go black.

41 Which of the following is a weakness of the Global Table implementation of the Access Matrix?

A. It is too secure.
B. The table can become extremely large and cannot be kept in main memory.
C. It allows everyone to access everything.
D. It does not support file permissions.

42 When a system recovers from deadlock by rolling back a process, what issue must be addressed to prevent the same process from being picked repeatedly?

A. Latency
B. Starvation
C. Mutual Exclusion
D. Throughput

43 What is the main disadvantage of Deadlock Detection compared to Deadlock Prevention?

A. It requires user intervention.
B. It requires runtime overhead to run the detection algorithm.
C. It never finds deadlocks.
D. It restricts resource usage.

44 In protection systems, switching from one domain to another (Domain Switching) typically happens when:

A. A file is deleted.
B. The computer is restarted.
C. A user logs out.
D. A process calls a system call or changes privilege level.

45 The 'Confidentiality' aspect of security ensures that:

A. Assets can only be modified by authorized parties.
B. Assets are accessible to authorized parties.
C. The system is always running.
D. Assets are accessible only to authorized parties.

46 Which of the following is an example of a 'Day Zero' or 'Zero-Day' attack?

A. An attack exploiting a vulnerability before the developer knows about it or has a fix.
B. An attack using 0s and 1s.
C. An attack that happens at midnight.
D. An attack that deletes 0 bytes.

47 Password 'Salting' makes which specific type of attack much more difficult?

A. Phishing
B. Social Engineering
C. Dictionary Attack using Rainbow Tables
D. Brute Force

48 In the context of Application Security, 'Input Validation' helps prevent:

A. Packet Sniffing
B. Deadlock
C. Starvation
D. Buffer Overflow and SQL Injection

49 What is 'Network Sniffing'?

A. Smelling the hardware for burning components.
B. Speeding up the network connection.
C. Cleaning the network cables.
D. Monitoring and capturing data packets passing through a network.

50 Which concept ensures that a modification to a system asset is done only in an authorized manner?

A. Integrity
B. Confidentiality
C. Authentication
D. Availability