FiltersDone

Question type

Essay

Multiple Choice

Short Answer

True False

Matching

Exam 10: Buffer Overflow

Show Answer

Share

---

All types

Filters

Study FlashcardsPractice ExamLearn

Question 1

Short Answer

Review LaterAdd Note

Review Later

A ________ is a condition where more input is placed into a buffer or data holding area than the capacity allocated and thus overwrites other information.

Correct Answer

verified

buffer ove...

View Answer

Show Answer

Question 2

True/False

Review LaterAdd Note

Review Later

The JAVA programming language is extremely vulnerable to buffer overflows.

Correct Answer

verified

Show Answer

Question 3

Short Answer

Review LaterAdd Note

The _________ project produces a free,multiplatform 4.4BSD-based UNIX-like operating system.

The possibility of overwriting the saved frame pointer and return address forms the core of a stack overflow attack.

Randomizing the allocation of memory on the heap makes the possibility of predicting the address of targeted buffers extremely difficult,thus thwarting the successful execution of some __________ attacks.

The x86 Assembly Language Instruction NOP means _______.

Memory is requested from the ______ by programs for use in dynamic data structures,such as linked lists of records.

A _______ can occur as a result of a programming error when a process attempts to store data beyond the limits of a fixed-size buffer.

Stackshield,Return Address Defender and ________ are GCC compiler extensions that insert additional function entry and exit code.

_______ defenses involve changes to the memory management of the virtual address space of processes that act to either alter the properties of regions of memory or to make predicting the location of target buffers sufficiently difficult to thwart many types of attacks.

The _______ exploited a buffer overflow in Microsoft SQL Server 2000.

The attacker can specify the return address used to enter code as a location somewhere in the run of NOPs,which is called a NOP ______.

The only consequence of a buffer overflow attack is the possible corruption of data used by the program.

In 1996 ________ published "Smashing the Stack for Fun and Profit" in Phrack magazine,giving a step-by-step introduction to exploiting stack-based buffer overflow vulnerabilities.

Shellcode is not specific to a particular processor architecture.

________ involve buffers located in the program's global (or static) data area.

A runtime technique that can be used is to place ________ between critical regions of memory in a processes address space.

A _________ can occur as a result of a programming error when a process attempts to store data beyond the limits of a fixed-sized buffer and consequently overwrites adjacent memory locations.

A _______ overflow occurs when the targeted buffer is located on the stack,usually as a local variable in a function's stack frame.

Buffer overflow attacks result from careless programming in applications.