首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
admin
2013-12-19
16
问题
The following scenario applies to questions 26 and 27.
Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
Which of the following is Charlie most likely concerned with in this situation?
选项
A、Injection attacks
B、Memory block
C、Buffer overflows
D、Browsing attacks
答案
C
解析
C正确。C编程语言很容易受到缓冲区溢出攻击,因为它的某些命令可以直接进行指针操作。特定的命令可以在不执行边界检查的情况下,直接访问低级别的内存地址。
A不正确。因为C编程语言不比其他语言更容易受到注入攻击。注入攻击通常不是发生在代码级别,而是由于接口接受了没有合理过滤和验证的数据而发生。
B不正确。因为这是一个干扰项。并不存在叫做“内存块”的官方编程语言漏洞。
D不正确。因为当某人审核敏感数据的各种资产时,就会发生浏览攻击。这个与编程语言无关,而是与访问控制的实施方式有关。
转载请注明原文地址:https://kaotiyun.com/show/FyhZ777K
0
CISSP认证
相关试题推荐
Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb
Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb
RoboticHighwayConesAUniversityofNebraskaprofessorhasdevelopedroboticconesandbarrels.____41____Theycanevenbe
TheU.S.spaceagency,NASA,isplanningtolaunchasatellitethatscientistshopewillanswerfundamentalquestionsaboutthe
TimeintheAnimalWorldRhythmcontrolseverythinginNature.41Thesunprovidesabasictimerhythmforalllivingcr
Ofallthegoodsandservicestradedinthemarketeconomy,pharmaceuticalsareperhapsthemostcontentious.Thoughproducedby
[A]Whattodoasastudent?[B]Variousdefinitionsofplagiarism[C]Ideasshouldalwaysbesourced[D]Ignorancecanbeforgi
Writeanessayof160-200wordsbasedonthefollowingdrawing.Inyouressay,youshould1)describethedrawingbriefly,
Havetherealwaysbeencities?Thetrendiscitiesareincreasinglybecomingthedominantmodeofman’ssocialexistence.【T1】It
Familiarasitmayseem,gravityremainsamysterytomodernphysics.Despiteseveraldecadesoftrying,scientistshavefailed
随机试题
A.长期营养监测B.规划效果评价性监测C.及时报警D.干预监测E.人群营养定期监测利用已制定的政策和规划,监测人群营养指标的变化可用的营养监测方法是
血管造影时,引入对比剂的方法属于
风湿性舞蹈病应采用以下哪项处理
胡某雇用高某为其建房,在建房过程中,高某拿起一根钢筋时,不小心触碰到高压电线,触电死亡。后高某的家人即以胡某和供电公司为被告诉至法院。如果供电公司设置的高压线完全符合规定,下列说法正确的有()。
银行最为复杂的风险种类是()。
简述义务教育阶段语文课程的总体目标与内容。
群众工作是公安工作的重要内容之一,下列方法有助于提高民警服务群众工作能力的是()。
如果要选择ARM处理器工作在外部中断模式,允许外部中断IRQ,禁止快速中断FIQ,使用Thumb工作状态,则需要设置的寄存器是()。
•Youwillhearapresentationaboutanintroductionofaracketgoodssportingcompany.•Asyoulisten,forquestions1—12,comp
ThearomaofchocolateperfumestheairoftheRued’AssasinParis.EnteringChristianConstant’sstate-of-the-artboutique,yo
最新回复
(
0
)
