The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its

admin2013-12-19  13

Question: The following scenario applies to questions 26 and 27.
Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
Which of the following is Charlie most likely concerned with in this situation?

Options A. Injection attacks
B. Memory block
C. Buffer overflows
D. Browsing attacks

Answer: C

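Explanation: C is correct. The C programming language is susceptible to buffer overflow attacks because some of its commands allow direct pointer manipulation. Specific commands can access low-level memory addresses directly without performing bounds checking.
A is incorrect because the C programming language is no more susceptible to injection attacks than other languages. Injection attacks usually do not occur at the code level; they occur because an interface accepts data that has not been properly filtered and validated.
B is incorrect because it is a distractor. There is no official programming language vulnerability called "memory block".
D is incorrect because a browsing attack occurs when someone reviews various assets for sensitive data. This is not related to the programming language but to how access control is implemented.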