Unit 4 - Practice Quiz

Correct Answer: Deadlock

Explanation: Deadlock is a situation where a set of processes are blocked because each process is holding a resource and waiting for another resource acquired by some other process.

Correct Answer: Preemption

Explanation: No Preemption is the necessary condition. If resources can be preempted (taken away), deadlock can be broken. Therefore, the existence of 'Preemption' prevents deadlock.

Correct Answer: No deadlock exists

Explanation: If a resource allocation graph contains no cycles, then no deadlock exists in the system. A cycle is a necessary condition for deadlock.

Correct Answer: Ostrich Algorithm

Explanation: The Ostrich Algorithm is a strategy of ignoring potential problems (like deadlocks) on the basis that they are extremely rare.

Correct Answer: Processes must request and be allocated all resources before execution

Explanation: To prevent Hold and Wait, a process must guarantee that when it requests a resource, it does not hold any other resources. One protocol is to require a process to request and be allocated all its resources before it begins execution.

Correct Answer: The maximum number of resources of each type that each process may need

Explanation: Deadlock avoidance algorithms, such as the Banker's Algorithm, require that each process declare the maximum number of resources of each type that it may need.

Correct Answer: There exists a sequence of all processes such that each process can satisfy its maximum demand

Explanation: A state is safe if the system can allocate resources to each process (up to its maximum) in some order (safe sequence) and still avoid a deadlock.

Correct Answer:

Explanation: The matrix represents the remaining resource needs of each process. It is calculated as the Maximum demand minus the resources currently Allocated.

Correct Answer: Wait-for Graph

Explanation: If each resource type has a single instance, a Wait-for graph can be used. A deadlock exists if and only if there is a cycle in the Wait-for graph.

Correct Answer: The amount of CPU time the process has used so far (cost of rollback)

Explanation: Selection of a victim involves minimizing cost. Factors include the priority of the process, how long it has computed, and how many resources it has used.

Correct Answer: Starvation

Explanation: Starvation (or indefinite blocking) is a situation where a process waits indefinitely within the semaphore or wait queue because other processes are continuously preferred.

Correct Answer: Aging

Explanation: Aging involves gradually increasing the priority of processes that wait in the system for a long time, ensuring they eventually get executed.

Correct Answer: Protection deals with internal threats; Security deals with external threats

Explanation: Protection refers to a mechanism for controlling access of programs, processes, or users to system resources (internal control). Security is the measure of confidence that the integrity of a system and its data will be preserved (often against external threats).

Correct Answer: Programs, users, and systems should be given just enough privileges to perform their task

Explanation: The principle of least privilege states that a subject should be given only those privileges that it needs in order to complete its task.

Correct Answer: A set of objects and the operations that may be performed on those objects

Explanation: A domain is a set of access rights, where each access right is an ordered pair <object-name, rights-set>.

Correct Answer: Domains, Objects

Explanation: In an Access Matrix, the rows represent domains (or subjects), and the columns represent objects (files, printers, etc.). The entry defines the set of operations that a process executing in Domain can invoke on Object .

Correct Answer: Access Control Lists (ACL)

Explanation: An ACL is associated with an object (column) and lists all the domains that can access that object and how.

Correct Answer: Each Domain (Process)

Explanation: A Capability List is a list of objects together with the operations allowed on those objects, associated with a specific domain (row-wise decomposition of the Access Matrix).

Correct Answer: When a process writes more data to a fixed-length buffer than the buffer can hold

Explanation: Buffer overflow occurs when a program attempts to write more data to a buffer than it is allocated, overwriting adjacent memory locations, often the return address in the stack.

Correct Answer: Logic Bomb

Explanation: A Logic Bomb is code embedded in a legitimate program that is set to 'explode' (execute malicious actions) when certain conditions (like a specific date or time) are met.

Correct Answer: A method of bypassing normal authentication methods

Explanation: A trapdoor (or backdoor) is a secret entry point into a program that allows someone who is aware of the trapdoor to gain access without going through the usual security access procedures.

Correct Answer: A program that appears useful but contains hidden malicious code

Explanation: A Trojan Horse is a malicious program that misleads users of its true intent by appearing to be a legitimate or useful program.

Correct Answer: A worm is a standalone program that replicates itself over a network; a virus attaches to a host program

Explanation: Viruses are code fragments that attach to legitimate programs (hosts). Worms are standalone programs that use computer networks to replicate themselves to other nodes.

Correct Answer: To ensure that the same password results in different hash values

Explanation: A salt is a random string added to the password before hashing. It prevents dictionary attacks and ensures that two users with the same password have different stored hashes.

Correct Answer: Man-in-the-Middle (MitM)

Explanation: In a Man-in-the-Middle attack, the attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other.

Correct Answer: DNS (Domain Name System)

Explanation: Cache Poisoning (specifically DNS cache poisoning) involves introducing corrupt data into the DNS resolver's cache, causing the name server to return an incorrect IP address.

Correct Answer: Disrupt the legitimate use of a system or network

Explanation: The goal of a DoS attack is to make a machine or network resource unavailable to its intended users.

Correct Answer: Phishing

Explanation: Phishing involves tricking individuals into revealing sensitive information (like passwords) by pretending to be a trustworthy entity, which relies on social manipulation (Social Engineering).

Correct Answer: Defining a linear ordering of resource types

Explanation: Circular wait can be prevented by imposing a total ordering of all resource types and requiring that each process requests resources in an increasing order of enumeration.

Correct Answer: A deadlock may occur

Explanation: An unsafe state means there is no guarantee that the system can prevent a deadlock. It does not mean a deadlock currently exists, but the potential is there.

Correct Answer: A form of buffer overflow targeting the stack to modify the return address

Explanation: Stack smashing is a specific type of buffer overflow attack where the attacker overwrites the stack memory, specifically the return address, to redirect execution to malicious code.

Correct Answer: Increasing the clock speed of the CPU

Explanation: Goals of protection include preventing misuse, ensuring fair resource use, and enforcing policies. CPU clock speed is a hardware performance characteristic.

Correct Answer: Each object has a list of unique bit patterns (locks) and each domain has a list of unique bit patterns (keys)

Explanation: In this scheme, a process in a domain can access an object only if that domain has a key that matches one of the locks of the object.

Correct Answer: Identify which services are running on a target system

Explanation: Port scanning involves sending messages to various ports on a computer to find out which services (ports) are open and listening, often as a precursor to an attack.

Correct Answer: Polymorphic Virus

Explanation: A polymorphic virus encrypts its body and changes the decryption routine (signature) with every infection to evade antivirus detection based on static signatures.

Correct Answer: Ensuring that information contained in an object does not leak outside the system

Explanation: The confinement problem is the problem of guaranteeing that a process (the server) which borrows a client's data does not record/leak that data to others.

Correct Answer: Process to Resource

Explanation: A request edge signifies that a process has requested an instance of resource type . It is drawn from to .

Correct Answer: Resource Preemption

Explanation: When preempting resources to break a deadlock, the system must roll back the victim process to a safe state (often the beginning) and restart it.

Correct Answer: The password being used only once and then becoming invalid

Explanation: OTP systems generate a password valid for only one login session or transaction, preventing replay attacks.

Correct Answer: Confidentiality, Integrity, Availability

Explanation: These are the three core goals of security: Confidentiality (secrecy), Integrity (correctness), and Availability (accessibility).

Correct Answer: Scavenging through physical trash to find sensitive information

Explanation: Dumpster diving is a physical security threat where attackers look through trash for notes, printouts, or devices containing passwords or sensitive data.

Correct Answer: Packet Sniffing

Explanation: Packet sniffing (traffic analysis) is a passive attack because the attacker monitors the transmission but does not alter the data or disrupt the communication.

Correct Answer: At least one resource must be held in a non-sharable mode

Explanation: Mutual exclusion means that only one process can use a specific resource instance at a time.

Correct Answer: No, never

Explanation: Total resources = 4. Max need per process = 2. Even if all 3 processes hold 1 resource (using 3 total), 1 resource remains free. This free resource can be allocated to one process to finish (reach 2), releasing its resources. Thus, deadlock is impossible.

Correct Answer: It is obtained by removing resource nodes and collapsing edges from the Resource Allocation Graph

Explanation: A wait-for graph consists of nodes representing processes. An edge exists if is waiting for a resource held by .

Correct Answer: A process to switch from one domain to another

Explanation: The switch right, when held by a domain on another domain, allows a process executing in the first domain to switch execution context to the second domain.

Correct Answer: Software that secretly gathers information about a user and sends it to a third party

Explanation: Spyware is malicious software designed to enter your computer device, gather data about you, and forward it to a third-party without your consent.

Correct Answer: Unpatched software vulnerabilities unknown to the vendor

Explanation: A Zero-Day attack exploits a software vulnerability on the same day it becomes known (or before), meaning the developer has had 'zero days' to fix it.

Correct Answer: Biometrics (Fingerprint)

Explanation: Authentication validates identity. Biometrics, passwords, and smart cards are authentication mechanisms. ACLs are authorization mechanisms.

Correct Answer: Systems with multiple instances of each resource type

Explanation: The Banker's Algorithm is designed for deadlock avoidance in systems where resources have multiple instances.