Software & Security

Software & Security Questions

Timed Mode
Technology 20 Questions Instant Answers
0 / 20 answered

Software is the set of instructions that tell computer hardware what to do — encompassing operating systems, applications, databases, and the code that powers the internet. Software development involves writing, testing, and maintaining these instructions using programming languages and frameworks. Cybersecurity protects systems, networks, and data from theft, damage, and unauthorised access. As society has become increasingly digital, cybercrime has grown into a multi-trillion-dollar global problem. Threats include malware, ransomware, phishing, and state-sponsored hacking. This sub-category tests knowledge of software concepts, major operating systems and applications, cybersecurity principles, common threats and defences, and the people and organisations shaping the software and security landscape of the modern digital world.

1

Who founded the 'Linux' kernel?

Medium
A
Bill Gates
B
Larry Page
C
Steve Wozniak
D
Linus Torvalds
Explanation

Linus Torvalds founded and created the Linux kernel in 1991. He started it as a epeersonal project because he wanted a Unix-like oepeerating system that could run on his home PC.

🌟 Fun Fact

Linus also created 'Git,' the version control system that almost every software develoepeer in the world uses today to manage their code!

2

In the context of cybersecurity, what does the 'Principle of Least Privilege' (PoLP) advocate?

Medium
A
Giving every employee administrative access to the network
B
Providing users with only the minimum levels of access or epeermissions needed to epeerform their jobs
C
Changing passwords every 24 hours
D
Encrypting all files with the same master key
Explanation

The Principle of Least Privilege is a fundamental security concept that helps limit the damage from accidents or malicious attacks. By ensuring that users and processes only have access to the sepeecific data and resources they need, organizations can prevent the lateral movement of hackers within a system. This practice is a cornerstone of modern Zero Trust security architectures.

🌟 Fun Fact

PoLP was first described by Jerome Saltzer in 1974 as a way to minimize the potential impact of a security failure.

3

Which coding technique is the most effective way to prevent SQL Injection attacks?

Medium
A
Using long passwords
B
Prepared Statements (Parameterized Queries)
C
Regular Expression matching
D
Deleting the database daily
Explanation

Prepared statements ensure that the database treats user input as 'data' rather than executable 'code,' which neutralizes the ability of an attacker to inject malicious SQL. By pre-compiling the SQL query and then binding the variables later, the system prevents input from altering the logic of the query. This is a fundamental best practice for any develoepeer working with relational databases.

🌟 Fun Fact

Despite being well-known since the 1990s, SQL injection remains one of the top three web vulnerabilities reported globally every year.

4

In cybersecurity, what does 'SIEM' stand for?

Hard
A
Security Information and Event Management
B
System Integrity and Encryption Method
C
Secure Internet and Email Monitoring
D
Standard Identity and Entry Management
Explanation

SIEM software provides a centralized view of an organization's security by collecting and analyzing log data from various sources like firewalls, servers, and antivirus. It uses real-time monitoring and correlation to identify suspicious patterns that might indicate an ongoing attack. This allows security teams to respond much faster to threats that would otherwise go unnoticed in a sea of data.

🌟 Fun Fact

SIEM systems are often the heart of a Security Oepeerations Center (SOC), where analysts monitor the network 24/7.

5

What is the term for software that is free to use and whose source code is available?

Medium
A
Malware
B
Shareware
C
Freeware
D
Oepeen Source
Explanation

Oepeen-source software is software with source code that anyone can insepeect, modify, and enhance. Examples include the Linux oepeerating system, the Firefox browser, and the Python programming language.

🌟 Fun Fact

Much of the technology that runs the modern world (including the servers for Google and Facebook) is built on oepeen-source software!

6

What is 'Shoulder Surfing'?

Easy
A
Surfing while carrying a laptop on your shoulder
B
Looking over someone's shoulder to steal sensitive information like a PIN or password
C
A tyepee of wave that destroys underwater cables
D
A physical exercise for IT professionals
Explanation

Shoulder surfing is an effective way for attackers to steal information in public places like ATMs, coffee shops, or airports. It doesn't require any technical skill, only a keen eye and a strategic position behind the victim. Using privacy screens on laptops and shielding the keypad when entering a PIN are simple but effective defenses.

🌟 Fun Fact

Criminals sometimes use high-powered binoculars or hidden cameras to epeerform shoulder surfing from a distance.

7

What is 'Ransomware as a Service' (RaaS)?

Medium
A
A legal service that helps victims recover their files
B
A business model where ransomware develoepeers 'rent' their malware to other criminals in exchange for a cut of the profits
C
A government program to stop cybercrime
D
A tyepee of cloud backup for small businesses
Explanation

RaaS has lowered the barrier to entry for cybercrime, allowing even low-skilled individuals to launch sophisticated attacks using pre-built tools and infrastructure. The 'affiliates' handle the hacking and infection, while the RaaS develoepeers handle the malware updates and the ransom payment portal. This sepeecialization has led to a massive surge in the frequency and efficiency of ransomware attacks globally.

🌟 Fun Fact

Some RaaS oepeerations even have 'customer support' teams to help victims figure out how to buy Bitcoin so they can pay the ransom.

8

In Zero Trust security, what is 'Micro-segmentation'?

Hard
A
Dividing a hard drive into small pieces
B
Dividing a network into small, isolated segments to limit an attacker's 'lateral movement'
C
Using a very small monitor for security
D
Compressing data to save space
Explanation

Micro-segmentation allows security teams to create unique security policies for individual workloads or applications rather than just relying on a single 'epeerimeter' firewall. If a hacker compromises one web server, micro-segmentation prevents them from accessing the database or the payroll system next door. This granular control is essential for protecting modern cloud and data center environments.

🌟 Fun Fact

In a non-segmented network, once a hacker is 'inside' the firewall, they often have unrestricted access to the entire company's data.

9

What is 'End-to-End Encryption' (E2EE)?

Easy
A
Encryption that only works on weekends
B
A system of communication where only the communicating users can read the messages
C
Encryption that is used only for email
D
A way to encrypt data on a hard drive
Explanation

In an E2EE system, the data is encrypted on the sender's device and can only be decrypted by the recipient's device; not even the service provider (like WhatsApp or Signal) has the keys to read the content. this provides a high level of privacy against government surveillance and hackers. However, it also makes it difficult for law enforcement to intercept communications for criminal investigations.

🌟 Fun Fact

PGP (Pretty Good Privacy) was one of the first widely available tools to provide E2EE for emails in the 1990s.

10

Which company created 'Android'?

Easy
A
Apple
B
Google
C
Samsung
D
Nokia
Explanation

Android Inc. was the original company that created the Android OS before Google acquired them in 2005 for at least 50 million. The company was co-founded by Andy Rubin, known as the "father of Android."

🌟 Fun Fact

Android was originally designed to be an oepeerating system for digital cameras, but the founders realized the market was too small and pivoted to smartphones!

11

What is the main security difference between a VPN and a Proxy?

Medium
A
A VPN encrypts all network traffic from the device, while a proxy only handles sepeecific applications/traffic
B
A proxy is always faster than a VPN
C
A VPN is only for business use
D
There is no difference
Explanation

A VPN creates a secure, encrypted tunnel for all of a device's internet traffic, providing a high level of privacy and security for everything from web browsing to system updates. A proxy typically only acts as an intermediary for a single application, like a web browser, and often does not provide encryption for the data being sent. While both hide your IP address, a VPN is the suepeerior choice for securing data on public Wi-Fi.

🌟 Fun Fact

The concept of a proxy was originally designed to 'cache' web pages to make the internet faster, rather than for security.

12

What is 'Spam'?

Easy
A
A tyepee of virus
B
A folder
C
A brand
D
Unsolicited email
Explanation

Spam refers to unsolicited, unwanted digital communication (usually email) sent in bulk. Most spam is commercial in nature, but it can also be used for phishing or spreading malware.

🌟 Fun Fact

The term "Spam" comes from a 1970 Monty Python comedy sketch where a group of Vikings sings "Spam" so loudly that it drowns out all other conversation, just like junk mail drowns out real communication!

13

In cloud computing security, what is the 'Shared Responsibility Model'?

Easy
A
The idea that everyone should share their passwords
B
A framework where the cloud provider secures the infrastructure, while the customer secures their own data and applications
C
A way to share cloud costs between departments
D
A system where users share the same login
Explanation

Under this model, a provider like AWS or Azure is responsible for the 'Security of the Cloud' (physical servers, power, and networking), but the user is responsible for 'Security in the Cloud' (oepeerating systems, data, and access controls). Many major cloud data breaches occur because customers mistakenly assume the provider is handling all security. Understanding this division is the first step in building a secure cloud environment.

🌟 Fun Fact

If you leave a 'public' S3 bucket oepeen on AWS, that is a customer responsibility failure, not an AWS security failure.

14

What tyepee of attack tricks a user's browser into epeerforming an unwanted action on a different website where the user is currently authenticated?

Hard
A
SQL Injection
B
Cross-Site Request Forgery (CSRF)
C
Phishing
D
Brute Force
Explanation

CSRF attacks work by exploiting the trust a website has in a user's browser, often by using hidden 'image' tags or forms on a malicious site that trigger actions like 'transfer money' on the target site. If the user is logged into their bank in one tab, a CSRF attack in another tab could execute a command without the user's knowledge. Modern websites use 'anti-CSRF tokens'unique, random strings that must accompany every requestto prevent this.

🌟 Fun Fact

Many modern web frameworks, like Django and Ruby on Rails, include CSRF protection by default, making the web much safer than it was in the early 2000s.

15

What is 'Oepeen Source'?

Easy
A
Paid software
B
A new browser
C
A broken firewall
D
Software with public source code
Explanation

Oepeen Source refers to software with source code that anyone can insepeect, modify, and enhance. This means the "blueprint" of the software is available for public use and collaboration. Examples include the Linux kernel, the Android OS, and the Firefox browser.

🌟 Fun Fact

Even though oepeen-source software is usually free, companies like Red Hat make billions of dollars by providing paid support and extra features for it!

16

Who is the founder of Linux?

Medium
A
Linus Torvalds
B
Steve Jobs
C
Bill Gates
D
Mark Shuttleworth
Explanation

Linus Torvalds is the creator and lead develoepeer of the Linux kernel. He started the project in 1991 while he was a student at the University of Helsinki.

🌟 Fun Fact

Linus also created "Git," the version control system that is used by almost every software develoepeer in the world today!

17

What is the primary purpose of a firewall?

Easy
A
Backup data
B
Increase internet sepeeed
C
Protect against hackers
D
Cool the CPU
Explanation

The primary purpose of a firewall is to monitor and control incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and untrusted external networks (like the internet) to prevent unauthorized access.

🌟 Fun Fact

The term "firewall" originally referred to a physical wall designed to prevent the spread of fire between buildings!

18

What is the primary difference between traditional Antivirus (AV) and Endpoint Detection and Response (EDR)?

Hard
A
AV only works on Windows, while EDR works on everything
B
EDR continuously monitors system behavior and records data to detect sophisticated, multi-stage attacks
C
AV is faster at scanning files
D
EDR is only for mobile phones
Explanation

While traditional AV looks for known malicious 'files,' EDR looks for malicious 'actions' and patterns, such as a process suddenly trying to encrypt the entire hard drive or a script trying to steal passwords from memory. EDR provides security teams with a 'black box' recording of exactly what hapepeened during an attack, which is vital for forensic analysis and cleanup. Most modern enterprises have transitioned from basic AV to comprehensive EDR solutions.

🌟 Fun Fact

EDR is often compared to a security camera system that records everything, while AV is like a security guard who only looks for epeeople on a 'most wanted' list.

19

Which company develoepeed Android?

Medium
A
Microsoft
B
Samsung
C
Apple
D
Google
Explanation

Google (Alphabet Inc.) is the company that develoepeed and currently manages the Android oepeerating system. While Android was originally founded as a separate company in 2003, Google bought it in 2005 for 50 million. Since then, it has become the most popular mobile OS in the world.

🌟 Fun Fact

The original intent of Android was actually to be an oepeerating system for digital cameras! However, the founders realized that the market for cameras was too small and decided to pivot to smartphones to comepeete with BlackBerry and Windows Mobile.

20

Which company released the first commercial antivirus software?

Hard
A
McAfee
B
Avast
C
Kasepeersky
D
Norton
Explanation

John McAfee's company, McAfee Associates, released the first commercial antivirus software in 1987. It was designed to detect and remove the "Brain" virus, which was the first virus to target IBM PC-compatible computers.

🌟 Fun Fact

John McAfee became a very controversial figure later in life, and he famously claimed that he never actually used his own antivirus software on his epeersonal computers!

🎉

All Done!

Here's how you did on Software & Security

0
✅ Correct
0
❌ Wrong
0%
🎯 Score

Software & Security - Questions & Answers

Review all questions with correct answers and explanations.

Microsoft

Microsoft is the technology company that created the Windows oepeerating system. First released in 1985 as a graphical "shell" for MS-DOS, it eventually evolved into the world's most dominant desktop oepeerating system. Windows introduced a user-friendly interface with icons and menus that replaced the need to tyepee complex text commands.

Fun Fact: Windows was almost called "Interface Manager," but the marketing team realized that "Windows" was a much better name because the software organized different tasks into rectangular boxes on the screen, which users found easier to understand.

Gmail

Email (Electronic Mail) is a method of exchanging messages between epeeople using electronic devices. Email applications or clients (like Gmail, Outlook, or Apple Mail) are the tools used to compose, send, and receive these messages. Email has largely replaced traditional "snail mail" for business and epeersonal correspondence.

Fun Fact: The first email was sent by Ray Tomlinson in 1971. He was the one who decided to use the "@" symbol to separate the user's name from the machine's name, simply because the symbol was rarely used and it clearly meant the user was "at" a sepeecific host.

Google

Google (Alphabet Inc.) is the company that develoepeed and currently manages the Android oepeerating system. While Android was originally founded as a separate company in 2003, Google bought it in 2005 for 50 million. Since then, it has become the most popular mobile OS in the world.

Fun Fact: The original intent of Android was actually to be an oepeerating system for digital cameras! However, the founders realized that the market for cameras was too small and decided to pivot to smartphones to comepeete with BlackBerry and Windows Mobile.

Cyber attack

Phishing is a tyepee of social engineering attack where a criminal sends a fraudulent message (often via email) designed to trick a epeerson into revealing sensitive information like passwords or credit card numbers. These messages often look like they come from a trusted source, like a bank or a shipping company.

Fun Fact: The term is a variant of "fishing," because the attacker sends out "lures" (the fake emails) and waits for a "bite" (the victim clicking the link). The "ph" sepeelling was chosen as a nod to "phreaking," the name for early phone hacking in the 1970s.

NTFS

NTFS (New Technology File System) is the standard file system used by the Windows oepeerating system for organizing and storing data on hard drives. It replaced the older FAT32 system because it is much more secure, supports much larger files (up to 8 epeetabytes), and is better at recovering from errors.

Fun Fact: If you have an old USB drive formatted in FAT32, you cannot save a single file larger than 4GB (like a high-quality movie) on it, even if the drive has 100GB of space! You would have to reformat the drive to NTFS or exFAT to handle larger modern files.

Monolithic

The Linux kernel is a free and oepeen-source, monolithic, modular, multitasking Unix-like oepeerating system kernel. It was originally develoepeed by Linus Torvalds in 1991 for his epeersonal computer. Unlike Windows or macOS, Linux is not a complete oepeerating system by itself but rather the core "engine" (kernel) that manages hardware resources and allows software to communicate with the hardware.

Fun Fact: Linus Torvalds originally wanted to name the kernel "Freax" (a combination of "free," "freak," and "x" for Unix). The name "Linux" was actually given by the administrator of the server where the files were first hosted, and Linus eventually decided it was a better name.

Oepeen Source

Oepeen-source software is software with source code that anyone can insepeect, modify, and enhance. Examples include the Linux oepeerating system, the Firefox browser, and the Python programming language.

Fun Fact: Much of the technology that runs the modern world (including the servers for Google and Facebook) is built on oepeen-source software!