Cyber Security test on “Buffer Overflow”.
1. A buffer-overflow attack can take place if a machine can execute code that resides in the data/stack segment.
a) True
b) False
Answer: a
Clarification: A buffer-overflow attack can take place either if the programmer neglects boundary testing or if a machine can execute code that resides in the data/stack segment.
2. Among the two types, ____________ buffer-overflow is complex to execute and the least common attack that may take place.
a) memory-based
b) queue-based
c) stack-based
d) heap-based
Answer: d
Clarification: Among the two types of buffer-overflow, heap-based buffer-overflow attacks are hard to execute and the least common of the 2 types. It attacks the application by flooding the space of memory that is reserved for a program.
3. _____________ buffer overflows are the more common type among attackers.
a) Memory-based
b) Queue-based
c) Stack-based
d) Heap-based
Answer: c
Clarification: Stack-based buffer overflows are very common among the two types of buffer-overflow; they exploit applications by flooding the stack, the memory space where users externally input data.
4. With the lack of boundary check, the program ends abnormally and leads to ___________ error.
a) logical
b) segmentation
c) compile-time
d) syntax
Answer: b
Clarification: In buffer-overflow, with the lack of boundary check, the program ends abnormally and leads to a segmentation error or bus error. Sometimes the application on which the attack was done gets stuck or hangs, and then the app suddenly closes.
5. In an application that uses heap, the memory for data is allocated ____________
a) logical
b) dynamically
c) statically
d) at the beginning of the program
Answer: b
Clarification: In an application that uses the heap, memory utilized by the application is allocated dynamically at runtime. Access to such memory is comparatively slower than access to memory that uses the stack.
6. In an application that uses stack, the memory for data is allocated ____________
a) logical
b) dynamically
c) statically
d) at the end of the program
Answer: c
Clarification: In an application that uses heap, memory utilized by the application is allocated at the beginning of the function call and the memory gets released at the end of a program. Accessing values in the stack is very fast.
7. Malicious code can be pushed into the _________ during ______________ attack.
a) stack, buffer-overflow
b) queue, buffer-overflow
c) memory-card, buffer-overflow
d) external drive, buffer-overflow
Answer: a
Clarification: Malicious code can be pushed into the stack during the buffer-overflow attack. The overflow can be used to overwrite the return pointer so that the control-flow switches to the malicious code.
8. Variables that get created dynamically when a function (such as malloc()) is called are created in the form of a _______ data-structure.
a) array
b) queue
c) stack
d) heap
Answer: d
Clarification: Variables that get created dynamically when a function (such as malloc()) is called are created in the form of a heap data-structure. In heap-based overflow, the buffer is placed on the lower part of the heap, overwriting all dynamically generated variables.
9. How many primary ways are there for detecting buffer-overflow?
a) 6
b) 3
c) 2
d) 5
Answer: c
Clarification: There are two ways to detect buffer-overflow in an application. One way is to look into the code and check whether the boundary check has been properly incorporated or not. The other way is to make the executable build of the product, feed the application with a huge amount of data and check for abnormal behaviour.
10. Testing for buffer-overflow in a system can be done manually and has two possible ways.
a) True
b) False
Answer: a
Clarification: Testing for buffer-overflow in a system can be done manually, and has two possible ways. One way is to look into the code and check whether the boundary check has been properly incorporated or not. The other way is to make the executable build of the product, feed the application with a huge amount of data and check for abnormal behaviour.