Disclaimer for ReGyan
If you require any more information or you have any problem regarding Copyright or have any questions about our site’s disclaimer, please feel free to contact us by email at hello@regyan.com.
Disclaimers for ReGyan
All the information on this website is published in good faith and for general information and educational purpose only. ReGyan does not make any warranties about the completeness, reliability, and accuracy of this information. Any action you take upon the information you find on this website (regyan.com), is strictly at your own risk. will not be liable for any losses and/or damages in connection with the use of our website.
Also See:- Computer System Security 7th Week Solution
Computer System Security 4rd Week Solution is given below.
[1] Which of the following is an example of control hijacking?
- (a) Buffer overflow attacks
- (b) Integer overflow attacks
- (c) Format string vulnerabilities
- (d) All of the above
Answer (d) All of the above
[2] The overflows exploits can be detected by ______.
- (a) adding runtime code
- (b) adding vulnerabilities
- (c) adding buffer
- (d) None of the above
Answer(a) adding runtime code
[3] Which of the following is an example of automated tool for software audit in prevention of control hijacking attacks?
- (a) Coverity
- (b) Prefix/Prefast
- (c) Both A and B
- (d) None of the above
Answer(c) Both A and B
[4] Overflow code execution can be prevented by:
- (a) halting the process
- (b) fixing bugs
- (c) adding more memory
- (d) marking the stack and heap segments as non-executable
Answer(d) marking the stack and heap segments as non-executable
[5] Arbitrary programs can be best generated using only the existing code ______.
- (a) return oriented programming
- (b) object oriented programming
- (c) functional programming
- (d) logical programming
Answer(a) return oriented programming
[6] Which of the following is correct for Return Oriented Programming?
- (a) It is a computer security exploit technique that allows an attacker to execute code in the presence of security defences such as DEP and code signing
- (b) These types of attacks arise when an adversary manipulates the call stack by taking advantage of a bug in the program, often a buffer overflow.
- (c) Return-oriented programming is an advanced version of a stack smashing attack.
- (d) All of the above
Answer(d) All of the above
Also See:- Google Recruitment 2020 Apply for Software and Other
[7] In ASLR, an attacker cannot jump directly to execute function.
- (a) True
- (b) False
Answer(a) True
[8] In the context of cyber security, what does ISR stands for?
- (a) Information Storage and Retrieval
- (b) Intermediate Session Routing
- (c) Instruction Set Randomization
- (d) Interrupt Service Routine
Answer(c) Instruction Set Randomization
[9] Which of the following is not a method of randomization?
- (a) ASLR
- (b) ISR
- (c) Sys-call randomization
- (d) Memory randomization
Answer(d) Memory randomization
[10] _____ is only applied to images for which the dynamic-relocation flag is set.
- (a) ASLR
- (b) ISR
- (c) Sys-call randomization
- (d) None of the above
Answer(a) ASLR
[11] Which of the following mark memory regions as non-executable, such that an attempt to execute machine code in these regions will cause an exception?
- (a) Return Oriented Programming
- (b) Data Execution Prevention
- (c) Randomization
- (d) None of the above
Must See:- York Science Scholars Award 2020 Apply Online
Answer(b) Data Execution Prevention
[12] In the context of cyber security, PTE stands for:
- (a) Process Table Entries
- (b) Public Test Environment
- (c) Path Terminating Equipment
- (d) Page Table Entry
Answer(d) Page Table Entry
Computer System Security 4rd Week Solution is given below. the solution of Computer System Security 4rd Week Solution and all the answers are correct.