exam 1 review Flashcards
Security mechanisms typically do not involve more than one particular algorithm or protocol (T/F)
false
The first step in devising security services and mechanisms is to develop a security policy (T/F)
true
To exploit any type of buffer overflow the attacker needs to identify a buffer overflow vulnerability in some program that can be triggered using externally sourced data under the attacker’s control (T/F)
true
Shellcode is not specific to a particular processor architecture
false
An attacker can generally determine in advance exactly where the targeted buffer will be located in the stack frame of the function in which it is defined.
false
It is possible to write a compiler tool to check any C program and identify all possible buffer overflow bugs.
false
The OpenSSL heartbleed vulnerability would have been prevented if OpenSSL had been implemented in Java (and the Java runtime environment works properly).
True
ASLR (if implemented correctly) can prevent return‐to‐libc attacks
True
_____ assures that individuals control or influence what information related to them may be collected and stored and by whom and to whom that information may be disclosed.
Privacy
____ assures that a system performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system.
System Integrity
A loss of _______ is the unauthorized disclosure of information.
confidentiality
A flaw or weakness in a system?s design, implementation, or operation and management that could be exploited to violate the system?s security policy is a(n) ______.
vulnerability
An assault on system security that derives from an intelligent act that is a deliberate attempt to evade security services and violate the security policy of a system is a(n) _____.
attack
A(n) ______ is an action, device, procedure, or technique that reduces a threat, a vulnerability, or an attack by eliminating or preventing it, by minimizing the harm it can cause, or by discovering and reporting it so that correct action can be taken.
countermeasure
An example of ______ is an attempt by an unauthorized user to gain access to a system by posing as an authorized user.
masquerade
The assurance that data received are exactly as sent by an authorized entity is _____.
data integrity
A consequence of a buffer overflow error is _____.
(all of the above)
- corruption of data used by the program
- unexpected transfer of control in the program
- possible memory access violation
The function of ______ was to transfer control to a user command‐line interpreter, which gave access to any program available on the system with the privileges of the attacked program.
shellcode
______ is a form of buffer overflow attack.
(all of the above)
- Heap overflows
- Return to system call
- Replacement stack frame
A buffer can be located ______.
(all of the above)
- in the heap
- on the stack
- in the data section of the process
Each layer of code needs appropriate hardening measures in place to provide appropriate security services.
True
It is possible for a system to be compromised during the installation process.
True
The default configuration for many operating systems usually maximizes security.
False
A malicious driver can potentially bypass many security controls to install malware.
True