TRUE/FALSE QUESTIONS: 1. C’s designers placed much more emphasis on space effici

Question

TRUE/FALSE QUESTIONS:

1. C’s designers placed much more emphasis on space efficiency and performance considerations than on type safety.

2. An effective method for protecting programs against classic stack overflow attacks is to instrument the function entry and exit code to setup and then check its stack frame for any evidence of corruption.

3. From the attacker’s perspective, the challenge in cracking a Linux system therefore boils down to gaining root privileges.

4. AppArmor is built on the assumption that the single biggest attack vector on most systems is application vulnerabilities. If the application's behavior is restricted, then the behavior of any attacker who succeeds in exploiting some vulnerability in that application will also be restricted.

5. A very common configuration fault seen with Web and file transfer servers is for all the files supplied by the service to be owned by the same “user” account that the server executes as.

Explanation / Answer

1. TRUE. Type safety and data structure handling should be done carefully by the developers.

2. TRUE. It is a popular stack protection mechanism.

3. TRUE. Because with the root privileges, the attacker can control the whole file system, processes and override all security policies of the system.

4. TRUE. This is done in order to focus more on the application than role or classified data.

5. FALSE. These servers support client accounts with necessary, applicable privileges on the files.

Related Questions

Navigate

• Browse (All)
• Browse T
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.