More
    HomeSTUDY MATERIALCyber SecurityComputer System Security 3rd Week Solution

    Computer System Security 3rd Week Solution

    Published on

    Disclaimer for ReGyan

    If you require any more information or you have any problem regarding Copyright or have any questions about our site’s disclaimer, please feel free to contact us by email at hello@regyan.com.

     


    Disclaimers for ReGyan

    All the information on this website is published in good faith and for general information and educational purpose only. ReGyan does not make any warranties about the completeness, reliability, and accuracy of this information. Any action you take upon the information you find on this website (regyan.com), is strictly at your own risk. will not be liable for any losses and/or damages in connection with the use of our website.

     


    Computer System Security 3rd Week Solution is given below.

    Also See:- Computer System Security 4rd Week Solution

    [1] The below function is part of a program that is running on a 32-bit x86 system; the compiler does not change the order of variables on the stack.

    void function(char *input) {

      int i = 1;

      char buffer[8];

      int j = 2;

         strcpy(buffer,input);

         printf(“%x %x %s\n”,i,j,buffer);

    }

    What is the minimum length of a string passed to the function through the input parameter that can crash the application?

    • (a) 10
    • (b) 11
    • (c) 12
    • (d) 13

    Answer:(c) 12

    [2] Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.

    • (a) C, Ruby
    • (b) C, C++
    • (c)  Python, Ruby
    • (d) C, Python

    Answer(b) C, C++

    [3] _____________ buffer overflows, which are more common among attackers.

    • (a) Memory-based
    • (b) Queue-based
    • (c) Stack-based
    • (d) Heap-based

    Must See:- Google Recruitment 2020 Apply for Software and Other

    Answer(C) Stack-based

    [4] Malicious code can be pushed into the _________ during ______________ attack.

    • (a) stack, buffer-overflow
    • (b) queue, buffer-overflow
    • (c) memory-card, buffer-overflow
    • (d) external drive, buffer-overflow




    Answer( a) stack, buffer-overflow

    [5] Which of the following string library functions is unsafe for buffer?

    • (a) gets (char * str)
    • (b) strcat (char * destination, const char * source)
    • (c) strcpy (char * destination, const char * source)
    • (d) All of the above

    Answer(d) All of the above

    [6] Which of the following statements is correct with respect to integer overflow?

    • (a) It is a result of an attempt to store a value greater than the maximum value an integer can store
    • (b) Integer overflow can compromise a program’s reliability and security
    • (c) Both A and B
    • (d) None of the above

    Answer(C) Both A and B

    [7] If an integer data type allows integers up to two bytes or 16 bits in length (or an unsigned number up to decimal 65,535), and two integers are to be added together that will exceed the value of 65,535, the result will be:

    • (a) Buffer Overflow
    • (b) Integer Overflow
    • (c) Stack Overflow
    • (d) Heap Overflow

    Answer(b)  Integer Overflow

    [8] Integer overflow bugs in programs are difficult to track down and may lead to fatal errors or exploitable vulnerabilities.

    • (a) True
    • (b) False




    Answer(a) True

    Also See:- Youtube Channel Like and Subscribe

    [9] One way of detecting integer overflows is by using a modified compiler to insert runtime checks.

    • (a) True
    • (b) False

    Answer(a) True

    [10] A format string is a ____ string that contains ___ and ____ parameters.

    • (a) Format, text, ASCII
    • (b) Text, ASCII, format
    • (c) ASCII, text, format
    • (d) None of the above

    Answer(c) ASCII, text, format

    [11] Which of the following is not a format function in C?

    • (a) fprintf()
    • (b) vsfprint()
    • (c) vfprintf()
    • (d) vsprintf()

    Answer(b) vsfprint()

    [12] What is the purpose of format functions?

    • (a) They are used to convert simple C data types to a string representation
    • (b) They allow to specify the format of the representation
    • (c) They process the resulting string (output to stderr, stdout, syslog, …)
    • (d) All of the above

    Answer(d) All of the above

    [13] The behaviour of the _______ is controlled by the ________

    • (a) format function, format string
    • (b) format string, format function
    • (c) Both A and B
    • (d) None of the above




    Answer(a) format function, format string

    [14] Identify whether the following code has format string vulnerability or not. char tmpbuf[512]; snprintf (tmpbuf, sizeof (tmpbuf), “foo: %s”, user); tmpbuf[sizeof (tmpbuf) – 1] = ’\0’; syslog (LOG_NOTICE, tmpbuf);

    • (a) No
    • (b) Yes

    Answer(b) Yes

    So that is the solution of Computer System Security 3rd Week Solution and all the answers are correct.

    Latest articles

    GlobalLogic .NET DEVELOPER 2022 Apply Now

    About GlobalLogic GlobalLogic .NET DEVELOPER 2022 is now available, Interested candidates can apply from the...

    Zeta Mobile Internship 2022 Apply Now

    About Zeta Zeta Mobile Internship 2022 is now available for 2023 and 2024 passing out...

    Texas Instruments Application Developer 2022 Apply Now

    About Texas Instruments Texas Instruments Application Developer 2022 is now open for all the freshers...

    NXP Embedded Software Engineer 2022 Apply Now

    About NXP NXP Embedded Software Engineer 2022 is now available so all interested candidates can...

    More like this

    GlobalLogic .NET DEVELOPER 2022 Apply Now

    About GlobalLogic GlobalLogic .NET DEVELOPER 2022 is now available, Interested candidates can apply from the...

    Zeta Mobile Internship 2022 Apply Now

    About Zeta Zeta Mobile Internship 2022 is now available for 2023 and 2024 passing out...

    Texas Instruments Application Developer 2022 Apply Now

    About Texas Instruments Texas Instruments Application Developer 2022 is now open for all the freshers...