Cyber Security Multiple Choice Questions on “Buffer Overflow”.
1. A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a) stack
b) queue
c) external storage
d) buffer
Answer: d
Clarification: A buffer is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers. The buffer can handle data only if limited data is inserted.
2. In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a) Phishing
b) MiTM
c) Buffer-overflow
d) Clickjacking
Answer: c
Clarification: In a buffer-overflow attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
3. How many types of buffer-overflow attack are there?
a) 4
b) 2
c) 5
d) 3
Answer: b
Clarification: There are two different types of buffer-overflow attack. These are stack-based and heap-based buffer overflow. In both the cases, this type of exploit takes advantage of an application that waits for user’s input.
4. Let suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a) buffer
b) external storage
c) processing power
d) local storage
Answer: a
Clarification: In a scenario, where to suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually, this is because of the limited buffer.
5. ______________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a) Memory leakage
b) Buffer-overrun
c) Less processing power
d) Inefficient programming
Answer: b
Clarification: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
6. Buffer-overflow is also known as ______________
a) buffer-overrun
b) buffer-leak
c) memory leakage
d) data overflow
Answer: a
Clarification: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by app developers which could be exploited by an attacker for gaining access or malfunctioning your system.
7. Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a) boundary hacks
b) memory checks
c) boundary checks
d) buffer checks
Answer: c
Clarification: Buffer-overflow may remain as a bug in apps if boundary checks are not done fully by developers or are skipped by the QA (Quality Assurance) testers of the software development team.
8. Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a) C, Ruby
b) Python, Ruby
c) C, C++
d) Tcl, C#
Answer: c
Clarification: Applications developed by programming languages like C and C++ have this common buffer-overflow error. The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data.
9. Why apps developed in languages like C, C++ is prone to Buffer-overflow?
a) No string boundary checks in predefined functions
b) No storage check in the external memory
c) No processing power check
d) No database check
Answer: a
Clarification: The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data fetched from some other variable holding larger data.
10. Old operating systems like _______ and NT-based systems have buffer-overflow attack a common vulnerability.
a) Windows 7
b) Chrome
c) IOS12
d) UNIX
Answer: d
Clarification: Old operating systems like UNIX and NT-based systems have buffer-overflow attack a common vulnerability. This is because they were developed in old programming languages.