首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
admin
2013-12-19
26
问题
The following scenario applies to questions 26 and 27.
Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
Which of the following is Charlie most likely concerned with in this situation?
选项
A、Injection attacks
B、Memory block
C、Buffer overflows
D、Browsing attacks
答案
C
解析
C正确。C编程语言很容易受到缓冲区溢出攻击,因为它的某些命令可以直接进行指针操作。特定的命令可以在不执行边界检查的情况下,直接访问低级别的内存地址。
A不正确。因为C编程语言不比其他语言更容易受到注入攻击。注入攻击通常不是发生在代码级别,而是由于接口接受了没有合理过滤和验证的数据而发生。
B不正确。因为这是一个干扰项。并不存在叫做“内存块”的官方编程语言漏洞。
D不正确。因为当某人审核敏感数据的各种资产时,就会发生浏览攻击。这个与编程语言无关,而是与访问控制的实施方式有关。
转载请注明原文地址:https://kaotiyun.com/show/FyhZ777K
0
CISSP认证
相关试题推荐
Individualsandbusinesseshavelegalprotectionforintellectualpropertytheycreateandown.Intellectualproper【C1】______fro
Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb
Theterme-commercereferstoallcommercialtransactionsconductedovertheInternet,includingtransactionsbyconsumersandb
SleepingGiantRightnow,aneruptionisbrewinginYellowstoneNationalPark.Sometimeduringthenexttwohours,themost
VirtualDriverDrivinginvolvessharpeyesandkeenears,analyzingwithabrain,andcoordinationbetweenhands,feetandb
Itishardtomakemoneypeddlingsocialmediaanywhere.Duringtheirfirstfewyearsinbusiness,FacebookandTwitterlostpo
[A]ThecontrolofthemixtureissoperfectthatwhereveryougointheworldwhereKFCissold,theendresultisexactlythe
Writealettertothemanagerofthehotelinwhichyouhavestayed,makingacomplaintaboutitsserviceduringyourstay.Y
Insteadofstayingwithonecompanyforlife,moreandmorepeoplearechangingtheirjobs.Whatisyouropiniononjobhopping?
Theusualargumentsforaddingwomendirectorsarethatdiverseboardsaremorecreativeandinnovative,lessinclinedto"group
随机试题
用拼音写出下列句子(1)最近海淀区的打架斗殴案件有所减少。(2)那些资料在北京大学的档案馆中依然保仔完好。(3)我们在江汉平原开发区找到了满意的答案。(4)与玉门乡毗邻的印度边民偶尔也来这里做生意。
磺酸的特点是()。
China’s5000-meterOlympicChampionWangJunxiaissufferingfromaseriousconditionbroughtonbystressandherheavytraini
COPD患者,动脉血气分析示pH及标准重碳酸盐增高,而PaCO2>10.7kPa,则可能存在_____________。
支气管哮喘的内因责之于伏痰,与哪些脏腑功能失调有关
钢筋安装实测项目中,属于关键项目的是()。
下列哪一种垫层厚度不应小于80mm?[2011年第33题]
记账凭证核算程序的主要缺点在于保持科目之间的对应关系。 ( )
待执行合同是指合同各方尚未履行任何合同义务,或部分地履行了同等义务的合同。()
把文章的各个段落综合起来,把握其中心思想,这是思维的()过程。
最新回复
(
0
)
