Assembly

Question 1

EAX

Answer 1

Extended Accumulator Register

Question 2

EBX

Answer 2

Extended Base Register

Question 3

ECD

Answer 3

Extended Counter Register

Question 4

EDX

Answer 4

Extended Data Register

Question 5

ESI

Answer 5

Extended Source Index

Question 6

EDI

Answer 6

Extended Destination Index

Question 7

EBP

Answer 7

Extended Base Pointer

Question 8

ESP

Answer 8

Extended Stack Pointer

Question 9

Z flag

Answer 9

Zero Flag, set when the result of the last operation is zero.

Question 10

S flag

Answer 10

Signed Flag, set to determine if values should be intercepted as as signed or unsigned.

Question 11

O flag

Answer 11

Overflow Flag, set when the result of the last operation switches the most significant bit from either F to 0 or 0 to F.

Question 12

C flag

Answer 12

Carry Flag, set when the result of the last operation changes the most significant bit.

Question 13

EIP

Answer 13

Extended Instruction Pointer:
Points to the next instruction to be executed.

Question 14

.text

Answer 14

Where program code is stored.

Question 15

.data

Answer 15

Where global data is stored.

Question 16

.stack

Answer 16

Where local variable and function arguments are stored.

Question 17

.heap

Answer 17

Extendable memory segment that programs can use whenever they need more memory space.

Question 18

Stack

Answer 18

Stores local variables and function arguments.

Organized as a “Last in First out” data structure. When something is added to it, it is added to the top and when something is removed, it is removed from the top. It grows backwards, from the highest memory address to the lowest.

ESP points to the top, which is done by decrementing ESP (because it grows backwards from highest address to the lowest).

Question 19

Stack Frames

Answer 19

Every process has at least one thread, and every thread has its own stack. And within the stack of every thread, each function has its own stack frame.

The base is the beginning of a stack frame.

The main function in every program has its stack, when it calls a function the called function creates its own stack frame which is marked out by the EBP that points to the beginning of the functions stack frame and the ESP that points to the top of the stack.

Question 20

Heap

Answer 20

Memory space that can be allocated by a process when it needs more memory.

Each process has one heap and it is shared among the different threads. All the threads share the same heap.

It is a linked-list data structure, and when the process doesn’t need the memory anymore, it frees the allocated heap, by de-referencing the position.