2. 计算机
  3. The following scenario applies to questions 28 and 29. Tim’s development team is designing a new operating system. One of the re

The following scenario applies to questions 28 and 29. Tim’s development team is designing a new operating system. One of the re

admin2013-12-19  56
问题 The following scenario applies to questions 28 and 29.
Tim’s development team is designing a new operating system. One of the requirements of the new product is that critical memory segments need to be categorized as nonexecutable, with the goal of reducing malicious code from being able to execute instructions in privileged mode. The team also wants to make sure that attackers will have a difficult time predicting execution target addresses.
Which of the following best describes the type of technology the team should implement to increase the work effort of buffer overflow attacks?
选项 A、Address space layout randomization
B、Memory induction application
C、Input memory isolation
D、Read-only memory integrity checks
答案A
解析 A正确。地址空间布局随机化(Address Spacc Layout Randomization,ASLR)是一种涉及随机排列进程的地址空间和其他内存段的控制。它在进程的地址空间内随机排列核心数据(通常包括可执行程序的基和系统库的位置、内存堆和内存栈)区域的位置。ASLR使得攻击者更难预测特定内存攻击的目标地址。
B不正确。因为这是一个干扰项。这不是一个官方术语或安全问题。
C不正确。因为尽管内存隔离有助于防止缓冲区溢出,但它不是其存在的特殊原因。内存隔离的实施是为了防止许多不同的内存攻击。地址空间随机化(ASLR)是专门为了试图以智取胜攻击者,使得攻击者更难知道系统的内存地址模式。
D不正确。因为这是一个干扰项。这不是一个官方术语或安全问题。
转载请注明原文地址:https://kaotiyun.com/show/LyhZ777K
0

CISSP认证

相关试题推荐
随机试题
最新回复(0)