MULTIPLE CHOICE QUESTIONS: 1. ________ involve buffers located in the program’s

Question

MULTIPLE CHOICE QUESTIONS:

1. ________ involve buffers located in the program’s global (or static) data area.

                        A. Heap overflows                             B. Stack buffer overflows

                        C. Global Data Area Overflows        D. Position overflows

2. In SELinux objects include not only files and directories but also other processes and various system resources in ______________.

A.   kernel space only

B.   both kernel space and userland

C.    remote RAID, USB flash memory and network storage.          

D.   None of the above

3. __________ will integrate with the operating system of a host computer and monitor program behavior in real time for malicious actions.

                       A. Fingerprint-based scanners           B. Action-blocking scanners

                       C. Generic decryption technology     D. Heuristic scanners

E.   None of the above

4. A ___________ is a root-owned program with its setuid bit set; that is, a program that runs as root no matter who executes it.

A.   setgid root program             B.   setsid root program

C.   setuid root program             D. None of the above

5. A __________ attack is a bot attack on a computer system or network that causes a loss of service to users.

                                   A. spam                                  B. phishing

                                   C. DDoS                                D. sniff

            E.   None of the above

Explanation / Answer

Answer:

1)

C. Global Data Area Overflows

This attack involves buffers located in the program's global (or static) data area. If unsafe buffer operations are used, data may overflow a global buffer and change adjacent memory locations, including one with a function pointer. Later the attacked program may call the overwritten function pointer and will transfer control to shellcode of the attacker's choice.

3)

A. Fingerprint-based scanners      

Unlike heuristics or fingerprint-based scanners, behavior-blocking software integrates with the operating system of a host computer and monitors program behavior in real-time for malicious actions. The behavior blocking software then blocks potentially malicious actions before they have a chance to affect the system

4)

C.   setuid root program

To two of the most dangerous permissions bits in the UNIXWorld: setuid and segid. If set on an executable binary file, the setuid bit

Causes that program to "run as" its owner, no matter who executes it

5)

C. DDoS   

Botnet - a collection of compromised computers that can be controlled by remote perpetrators to perform various types of attacks on other computers or networks. A known example of botnet usage is within the distributed denial of service attack where multiple systems submit as many request as possible to the victim machine in order to overload it with incoming packets. Botnets can be otherwise used to send out span, spread viruses and spyware and as well to steal personal and confidential information which afterwards is being forwarded to the botmaster.

Related Questions

Navigate

• Browse (All)
• Browse M
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.