首页
外语
计算机
考研
公务员
职业资格
财经
工程
司法
医学
专升本
自考
实用职业技能
登录
计算机
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
The following scenario applies to questions 26 and 27. Charlie is a new security manager at a textile company that develops its
admin
2013-12-19
20
问题
The following scenario applies to questions 26 and 27.
Charlie is a new security manager at a textile company that develops its own proprietary software for internal business processes. Charlie has been told that the new application his team needs to develop must comply with the ISO/IEC 42010 standard. He has found out that many of the critical applications have been developed in the C programming language and has asked for these applications to be reviewed for a specific class of security vulnerabilities.
Which of the following is Charlie most likely concerned with in this situation?
选项
A、Injection attacks
B、Memory block
C、Buffer overflows
D、Browsing attacks
答案
C
解析
C正确。C编程语言很容易受到缓冲区溢出攻击,因为它的某些命令可以直接进行指针操作。特定的命令可以在不执行边界检查的情况下,直接访问低级别的内存地址。
A不正确。因为C编程语言不比其他语言更容易受到注入攻击。注入攻击通常不是发生在代码级别,而是由于接口接受了没有合理过滤和验证的数据而发生。
B不正确。因为这是一个干扰项。并不存在叫做“内存块”的官方编程语言漏洞。
D不正确。因为当某人审核敏感数据的各种资产时,就会发生浏览攻击。这个与编程语言无关,而是与访问控制的实施方式有关。
转载请注明原文地址:https://kaotiyun.com/show/FyhZ777K
0
CISSP认证
相关试题推荐
RoboticHighwayConesAUniversityofNebraskaprofessorhasdevelopedroboticconesandbarrels.____41____Theycanevenbe
Iftheworld’seducationsystemshaveacommonfocus,itistoturnoutschool-leaverswhoareproficientinmaths.Governments
Menandwomendothinkdifferently,atleastwheretheanatomyofthebrainisconcerned,accordingtoanewstudy.Thebrainis
[A]Whattodoasastudent?[B]Variousdefinitionsofplagiarism[C]Ideasshouldalwaysbesourced[D]Ignorancecanbeforgi
[A]Whattodoasastudent?[B]Variousdefinitionsofplagiarism[C]Ideasshouldalwaysbesourced[D]Ignorancecanbeforgi
C.P.Snowoncesaid:"Asenseofthefutureisbehindallgoodpolicies.Unlesswehaveit,wecangivenothingeitherwiseor
ScientificMethodisatermdenotingtheprinciplesthatguidescientificresearchandexperimentation,andalsothephilosophic
In1930,whentheworldwas"sufferingfromabadattackofeconomicpessimism",JohnMay-nardKeyneswroteabroadlyoptimisti
Fastingglucose(葡萄糖)andinsulin(胰岛素)levelsremainwithinnormalrangeforwomenusinginjectableororalcontraception,withonl
Familiarasitmayseem,gravityremainsamysterytomodernphysics.Despiteseveraldecadesoftrying,scientistshavefailed
随机试题
适宜于取身体侧面少阳经腧穴和上、下肢的部分腧穴,患者应取的体位为
王某将自己居住的房屋向某保险公司投保家庭财产保险。保险合同有效期内,该房屋因邻居家的小孩玩火而被部分毁损,损失10万元。下列哪些选项是错误的?
某发电厂扩建一台125MW的发电机,其额定功率因数cosφ=0.85,额定电压为13.8kV,采用发电机变压器组接入220kV母线,发电机一次额定电流为6150A,电压互感器一次额定电压为15kV,电流互感器一次额定电流为8000A。二次测量电压表满刻
根据《水电站基本建设工程验收规程》(DL/T5123—2000),以下关于工程蓄水验收的说法,正确的是()。
将以下5个句子重新排列组合,排列组合最连贯的是()。①《财务管理》一书从计提方法、计提范围、计提数额、比例等方面对“坏账准备”的会计处理与税务处理的异同作了详细的比较。②税法的目的主要是保证国家的财政收入,利用税收杠杆进行宏观调控。③会计制
设f’(x0)=0,f”(x0)>0,则必定存在一个正数δ,使得()。
设a="MicrosoftVisualBasic",则以下使变量b的值为“VisualBasic”的语句是______。
A、 B、 C、 B否定疑问句可以用yes/no回答,但不一定非要用yes/no。(A)虽然肯定地回答了,但是提问是关于软件的.不是饮食。(B)回答“没有使用过。”是正确答案。(C)使用了tryon“试穿”的意思,所以
Thebuildingofthenewsubwaylinesinthecityhasbeen______duetolackofenoughin-vestment.
A、Theself-assuredones.B、Thehigh-incomeones.C、Theaverageones.D、Thepopularones.A短文提到自信的人可能看起来比他们本身表现更出色一点,而且对加薪的忧虑也少点,
最新回复
(
0
)
