Question 1. Answer the following multiple choice questions (one or more correct answers). (1 point * 13)

1. Which of the following types of locations in a process address space do buffer overflow attacks typically target?
   a) Stack
   b) Heap
   c) Code

2. Which of the following are common defenses against stack buffer overflow?
   a) Address Space Layout Randomization (ASLR)
   b) DEP/Non-executable stack
   c) Control-Flow Integrity (CFI)

3. Which programming languages are vulnerable to stack buffer overflow?
   a) C
   b) Java
   c) Assembly

4. How can a stack buffer overflow hijack the control flow of the program?
   a) Overwriting the return address on the stack
   b) Overwriting a function pointer on the stack
   c) Overwriting the saved stack frame pointer (saved EBP)

5. With the DEP defense enabled, which of the following becomes impossible?
   a) Overwriting the return address on the stack
   b) Injecting shellcode onto the stack and executing it by jumping to it
   c) Finding a useful gadget to jump to in Return-Oriented Programming (ROP)

6. In the ROP attack, which register now plays a role similar to that of the instruction pointer (EIP)?
   a) EAX
   b) ESP
   c) EBP

7. Which defenses have been (partially) deployed in modern operating systems?
   a) Access control list
   b) ASLR
   c) Control-Flow Integrity (CFI)

8. Which are the reasons why a blind ROP attack against a web server works despite the fact that all modern defenses are deployed?
   a) The web server forks a child process with the same address space layout every time to serve a new connection
   b) The stack canary value stays the same even if a guess is wrong
   c) The enabled version of ASLR does not provide sufficient randomness

9. How does the blind ROP attack determine if a code sequence contains the desired gadget (since it's blind)?
   a) It learns the address of the gadget by obtaining a copy of the binary beforehand
   b) It sets up the stack in special ways so that the detected gadget will be uniquely identifiable
   c) It leverages the feedback about whether the server has crashed or not

10. Which of the following properties of the x86 architecture make overlapping instructions possible (i.e., one can jump to the middle of an instruction and the CPU recognizes it as a different valid instruction)?
   a) Instruction lengths are not multiples of 8 bits
   b) Instructions have variable length
   c) Most byte sequences are legal instructions

11. What are some examples that conceptually map to the BLP or Biba model?
   a) In a buffer overflow, the command line argument is considered a low-integrity object. A root process is considered a high-integrity subject that should not be allowed to read the low-integrity data (thus allowing control flow to be hijacked)
   b) In a time-of-check, time-of-use attack, the file or directory controlled by an attacker is considered a low-integrity object. A root process is considered a high-integrity subject that should not be allowed to read the low-integrity data (thus being tricked into performing unintended operations)
   c) In a directory traversal attack, the passwd file is considered the high-secrecy object. A root process (web server) is considered a low-secrecy subject since it needs to read the public HTML files and serve them to clients. A low-secrecy subject should not be allowed to read a high-secrecy object (thus leaking the passwd file unintentionally)

12. Which of the following about resource access attacks are correct?
   a) They are caused by mismatches of expectations (e.g., high-integrity subjects expect high-integrity objects but mistakenly get low-integrity objects).
   b) We need to look at both the code and the access control policy to identify resource access attacks
   c) They are caused by violations of BLP or Biba security policies.

13. In computer security, there's a well-known principle called the principle of least privilege. The idea is that every subject (process, user, program) should have access to only the information and resources they absolutely need (no more should be allowed). Which of the following are correct based on your judgement?
   a) Not running processes as root when not necessary (e.g., Chrome or Firefox) is one example of the principle of least privilege
   b) The reasoning behind the principle is to prevent an attacker from compromising a subject
   c) The reasoning behind the principle is to reduce the damage once a subject is compromised

