Computer Science/IT MCQs
Topic Notes: Computer Science/IT
MCQs and preparation resources for competitive exams, covering important concepts, past papers, and detailed explanations.
Plato
- Biography: Ancient Greek philosopher (427–347 BCE), student of Socrates and teacher of Aristotle, founder of the Academy in Athens.
- Important Ideas:
- Theory of Forms
- Philosopher-King
- Ideal State
41
Which of the following best describes the primary function of a firewall in network security architecture?
Answer:
Monitoring and filtering network traffic according to predefined security policies to protect a network from threats.
A firewall is a crucial component of network security. Its primary function is to act as a barrier between a trusted internal network and an untrusted external network (like the internet). It achieves this by monitoring incoming and outgoing network traffic and filtering it based on a set of predefined security rules. These rules determine which traffic is allowed to pass through and which is blocked, thereby preventing unauthorized access, malware, and other cyber threats from entering or leaving the network. While encryption (option a) is a security measure, it's not the primary role of a firewall. Boosting network speed (option c) is handled by network optimization tools, not firewalls. Assigning IP addresses (option d) is typically the role of a DHCP server or network administrator.
42
A "demilitarized zone" (DMZ) in a network architecture is:
Answer:
A perimeter network segment that is isolated from the secure internal LAN and the untrusted internet.
A DMZ is a buffer zone that contains public-facing servers, such as web and email servers. These servers are accessible from the internet, but they are isolated from the internal corporate network by a firewall. This way, if a public server is compromised, the attacker does not have direct access to the internal network.
43
Why is using a password and a security question (like your mother's maiden name) NOT considered true multi-factor authentication?
Answer:
Because both are in the same category: "something you know."
To be considered true MFA, the verification methods must come from at least two of the three distinct factor categories (knowledge, possession, inherence). A password and a security question are both knowledge-based factors, so this is just a layered form of single-factor authentication.
44
A "false negative" in an IDS/IPS occurs when:
Answer:
The system fails to detect a real attack.
A false negative is a failure of detection. It is a highly dangerous situation where a real intrusion or attack occurs, but the security system does not generate an alert, allowing the attack to proceed unnoticed.
45
A "teardrop" attack is a type of DoS attack that:
Answer:
Sends fragmented IP packets to a target machine that are impossible to reassemble correctly, causing the system to crash.
The teardrop attack exploits a vulnerability in the TCP/IP fragmentation reassembly process. By sending mangled and overlapping IP fragments, the attacker can cause the receiving operating system to panic or crash when it tries to put them back together.
46
A "blockchain" primarily uses which cryptographic tool to link blocks of transactions together securely?
Answer:
Hashing
A blockchain is a chain of blocks, where each block contains a cryptographic hash of the previous block. This creates an immutable and tamper-evident ledger, as changing any data in a previous block would change its hash, which would break the chain.
47
What is a key difference between a software firewall and a hardware firewall?
Answer:
A software firewall is installed on an individual computer, while a hardware firewall is a separate physical device that protects an entire network.
A software firewall (or host-based firewall) runs on a specific endpoint and protects only that machine. A hardware firewall (or network firewall) is a dedicated appliance that sits at the edge of a network, protecting all the devices behind it.
48
Which of the following is considered the most secure method for receiving one-time passwords?
Answer:
An authenticator app (like Google Authenticator or Authy).
Authenticator apps generate time-based one-time passwords (TOTP) directly on the device and are not vulnerable to SIM swapping or SMS interception attacks, which makes them significantly more secure than SMS-based 2FA.
49
The three main categories of authentication factors are "something you know," "something you have," and:
Answer:
"Something you are."
The three internationally recognized factors of authentication are:
50
An alert from an IDS that says "Potential Port Scan Detected" means:
Answer:
An attacker is likely probing your network to see which ports are open and which services are running.
A port scan is a common reconnaissance technique used by attackers. They systematically check for open ports on your systems to identify potential vulnerabilities that can be exploited. An IDS is designed to detect this type of probing activity.