Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Operating System Security > Buffer Overflow > Flashcards

Buffer Overflow Flashcards

The most common and used attack methods.

1
Q

What is a buffer?

A. A permanent data storage

B. A memory segment for code execution

C. A temporary data storage area

D. A device driver interface

A

Answer: C

Explanation:
A buffer is a temporary storage region for data being transferred.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What causes a buffer overflow?

A. Too many threads

B. Excessive CPU usage

C. Writing more data than a buffer can hold

D. Lack of file descriptors

A

Answer: C

Explanation:
Buffer overflow happens when data exceeds the allocated memory space.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Which language is most prone to buffer overflow vulnerabilities?

A. Java

B. Python

C. C

D. Perl

A

Answer: C

Explanation:
C lacks built-in bounds checking mechanisms.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

What is the most common type of buffer overflow attack?

A. Heap-based

B. Format string

C. Stack-based

D. Integer overflow

A

Answer: C

Explanation:
Stack-based attacks are easier and more common.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Which segment holds dynamically allocated memory?

A. BSS

B. Data

C. Heap

D. Stack

A

Answer: C

Explanation:
Heap is for dynamic memory (e.g., malloc).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Which segment stores local variables inside functions?

A. Stack

B. Data

C. Heap

D. BSS

A

Answer: A

Explanation:
Stack holds function call data, including local variables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Which historical worm first exploited a buffer overflow?

A. SQL Slammer

B. Stagefright

C. Morris Worm

D. Code Red

A

Answer: C

Explanation:
The Morris Worm in 1988 used a buffer overflow vulnerability.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Buffer overflow often leads to what kind of memory issues?

A. Memory swapping

B. Memory leaks

C. Memory access violations

D. Memory garbage collection

A

Answer: C

Explanation:
It can overwrite memory leading to crashes or code execution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

What is SEHOP designed to protect against?

A. Heap fragmentation

B. Pointer arithmetic

C. SEH overwrite via stack overflow

D. Format string attacks

A

Answer: C

Explanation:
SEHOP blocks attacks on the exception handler system.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Which of the following is a runtime protection mechanism?

A. Firewall

B. IDS

C. ASLR

D. Encryption

A

Answer: C

Explanation:
Address Space Layout Randomization (ASLR) makes memory layout unpredictable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Which type of attack overwrites the return pointer in the stack?

A. Format string attack

B. Stack-based overflow

C. Heap spraying

D. SQL injection

A

Answer: B

Explanation:
Stack overflows target return pointers to change program control.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What function is unsafe due to lack of bounds checking?

A. fgets()

B. printf()

C. gets()

D. memcpy()

A

Answer: C

Explanation:
gets() reads input without limiting size, causing overflows.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Which language is less vulnerable to buffer overflows?

A. C

B. Java

C. C++

D. Assembly

A

Answer: B

Explanation:
Java has built-in bounds-checking and memory management.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does DEP stand for in buffer overflow protection?

A. Dynamic Execution Protocol

B. Data Entry Prevention

C. Data Execution Prevention

D. Device Event Processing

A

Answer: C

Explanation:
DEP marks memory as non-executable to block code execution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Which segment stores global variables initialized to zero?

A. Stack

B. Heap

C. BSS

D. Text

A

Answer: C

Explanation:
The BSS segment holds zero-initialized global/static variables.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Which of the following does ASLR protect against?

A. Timing attacks

B. Side-channel attacks

C. Predictable memory layouts

D. Network sniffing

A

Answer: C

Explanation:
ASLR randomizes memory layout to prevent accurate attack targeting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Buffer overflow attacks typically result from:

A. Invalid port access

B. Poor memory management

C. Slow network access

D. Log file corruption

A

Answer: B

Explanation:
Inadequate memory checks or allocation causes overflows.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

What enables an attacker to execute arbitrary code using buffer overflow?

A. Code injection

B. DOS attack

C. SQL injection

D. Cross-site scripting

A

Answer: A

Explanation:
Buffer overflows often allow attackers to inject and run code.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What happens if an attacker overwrites a function pointer?

A. The program halts

B. The pointer is freed

C. The attacker controls program flow

D. Nothing, it is ignored

A

Answer: C

Explanation:
Control flow is hijacked if function pointers are compromised.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

The process of copying more data than the buffer can handle is called:

A. Memory leak

B. Buffer overrun

C. Data injection

D. Stack unwinding

A

Answer: B

Explanation:
Buffer overrun is a synonym for buffer overflow.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Which part of memory contains executable code of a program?

A. Heap

B. Stack

C. Text segment

D. Data segment

A

Answer: C

Explanation:
The text segment holds the executable machine instructions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Which of these vulnerabilities may arise from incorrect format specifiers?

A. Heap overflow

B. Format string attack

C. Buffer underrun

D. Memory leak

A

Answer: B

Explanation:
Format string vulnerabilities exploit unchecked input in format functions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

The ‘memcpy()’ function is unsafe because:

A. It is slow

B. It works only in Windows

C. It lacks bounds checking

D. It encrypts memory

A

Answer: C

Explanation:
Like other low-level functions, it does not check for buffer limits.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Which is a valid way to prevent buffer overflows in code?

A. Ignoring user input

B. Using unsafe functions

C. Implementing bounds checks

D. Running programs without memory

A

Answer: C

Explanation:
Checking input size and using safe functions helps prevent overflows.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Which language has built-in buffer overflow protection? A. Java B. C C. Assembly D. C++
Answer: A Explanation: Java automatically manages memory and checks bounds.
26
Heap-based overflows are harder to exploit because: A. Heap is read-only B. Heap uses encryption C. Heap layout is more complex and varies D. Heap cannot overflow
Answer: C Explanation: Heap overflows are complex due to dynamic and less predictable layout.
27
Which OS-level feature marks memory regions non-executable? A. ACL B. ASLR C. DEP D. VPN
Answer: C Explanation: DEP prevents code execution in data-only memory areas.
28
Which kind of buffer overflow affects data structures like the SEH? A. Heap-based overflow B. Structured exception overwrite C. Stack unwinding D. Buffer underflow
Answer: B Explanation: SEH overwrite protection helps mitigate this specific exploit.
29
Which attack uses excess input to overwrite adjacent memory? A. Format string attack B. Buffer overflow C. Phishing D. Race condition
Answer: B Explanation: Buffer overflow allows overwriting adjacent memory.
30
Why are interpreted languages safer against buffer overflows? A. They use more RAM B. They don’t allow function calls C. They manage memory automatically D. They are slower
Answer: C Explanation: Languages like Python and Java handle memory and check bounds automatically.
31
Define buffer overflow.
Answer: A buffer overflow occurs when more data is written to a buffer than it can hold, leading to adjacent memory being overwritten. Explanation: It’s a common programming error with severe security implications.
32
What is the main consequence of a buffer overflow?
Answer: It can cause data corruption, crashes, or arbitrary code execution. Explanation: Overflow may overwrite function return addresses or data.
33
Differentiate between stack-based and heap-based buffer overflow.
Answer: Stack-based overflows target the stack (e.g., return addresses), while heap-based overflows corrupt dynamically allocated memory. Explanation: Stack attacks are more common; heap attacks are harder to exploit.
34
How does ASLR protect against buffer overflow attacks?
Answer: It randomizes memory address spaces, making it difficult for attackers to predict memory locations. Explanation: This breaks assumptions attackers rely on for exploit success.
35
What is the function of the BSS segment?
Answer: It stores uninitialized global and static variables. Explanation: These are initialized to zero by the OS.
36
Give an example of a vulnerable C function.
Answer: gets() is a classic example because it lacks bounds checking. Explanation: It can overflow a buffer if user input exceeds its size.
37
What makes C/C++ vulnerable to buffer overflows?
Answer: Lack of automatic bounds-checking and manual memory management. Explanation: Programmers must manage memory safely, which is error-prone.
38
Mention one historical buffer overflow attack.
Answer: The Morris Worm in 1988. Explanation: It exploited a buffer overflow in fingerd.
39
How does DEP work?
Answer: It marks certain memory regions as non-executable. Explanation: This prevents injected code from executing in those regions.
40
What is SEHOP and what does it protect?
Answer: Structured Exception Handler Overwrite Protection prevents attackers from overwriting exception handlers using stack-based overflows. Explanation: It stops attacks that hijack SEH structures.
41
Why is buffer overflow still common despite being well-known?
Answer: Code complexity, legacy systems, and error-prone prevention techniques. Explanation: Developers still make memory-related mistakes.
42
What kind of programs are most vulnerable to buffer overflows?
Answer: Programs written in C/C++ that process external input. Explanation: Especially if they lack input validation and bounds checking.
43
Name one secure alternative to gets().
Answer: fgets() Explanation: It allows you to specify the number of bytes to read.
44
Why are interpreted languages less prone to buffer overflow?
Answer: They manage memory and perform automatic bounds-checking. Explanation: They abstract memory handling from the programmer.
45
What is the risk of overwriting the return address in a function?
Answer: It can allow an attacker to redirect execution flow. Explanation: Control is transferred to potentially malicious code.
46
Give an example of a buffer overflow prevention technique at the coding level.
Answer: Use of safer functions like strncpy() instead of strcpy(). Explanation: These functions enforce size limits.
47
What is a format string attack?
Answer: An attack exploiting functions like printf where unchecked input is interpreted as format specifiers. Explanation: It can expose memory or crash programs.
48
How can input validation prevent buffer overflows?
Answer: By ensuring data does not exceed expected sizes before processing. Explanation: It helps maintain buffer boundaries.
49
What is the role of the stack in a buffer overflow?
Answer: It holds local variables and return addresses which can be overwritten in stack-based overflows. Explanation: Overwriting return addresses redirects execution.
50
What does a typical buffer overflow attack try to achieve?
Answer: Gain control of a system or execute arbitrary code. Explanation: It compromises the integrity and control flow of a program.
51
Explain the working of a buffer overflow attack with an example.
Answer Outline: 1. Definition of buffer overflow 2. Example in C using gets() 3. Overwriting return address 4. Attacker injects shellcode 5. Redirects program control Example: Morris worm or crafted stack overflow Prevention: input validation, safe functions
52
Compare and contrast stack-based and heap-based buffer overflows.
Answer Outline: 1. Stack-based: targets return addresses on the stack 2. Heap-based: affects dynamically allocated memory 3. Stack attacks: easier to execute, more common 4. Heap attack: harder, requires detailed knowledge of memory layout Both allow arbitrary code execution
53
Discuss the causes of buffer overflow vulnerabilities.
Answer Outline: 1. Poor memory management 2. Lack of input validation 3. Use of unsafe functions (gets(), strcpy(), etc.) 4. Assumptions about input size 5. Complex code structures 6. External input dependency
54
What are the consequences of a buffer overflow attack on a system?
Answer Outline: 1. System crash 2. Unauthorized code execution 3. Loss of access control 4. Data leakage 5. Privilege escalation 6. Launching other attacks (e.g., malware)
55
Describe at least three mitigation techniques for buffer overflows.
Answer Outline: 1. Address Space Layout Randomization (ASLR) 2. Data Execution Prevention (DEP) 3. Structured Exception Handler Overwrite Protection (SEHOP) 4. Code auditing and secure programming practices 5. Safe programming languages (Java, Python) 6. Compiler-level protections (StackGuard, Canary)
56
Explain the role of memory segments in buffer overflows.
Answer Outline: 1. Overview of memory layout: Text, Data, BSS, Heap, Stack 2. Buffer overflows usually affect the Stack and Heap 3. Stack: return address manipulation 4. Heap: object overwrite, pointer redirection
57
Why are C and C++ more vulnerable to buffer overflows than languages like Java or Python?
Answer Outline: 1. Manual memory management 2. No built-in bounds checking 3. Direct access to pointers and memory 4. Java/Python: abstract memory access, automatic bounds checking 5. Example comparisons between strcpy() and String class usage
58
Analyze the impact of buffer overflow vulnerabilities in modern software applications.
Answer Outline: 1. Used in malware, worms (e.g., Code Red, SQL Slammer) 2. Exploits in browsers, PDF readers, OS components 3. Often lead to full system compromise 4. Affect public trust and data security 5. Example: Adobe Acrobat Reader CVE-2021-21017 6. Costly patches and downtime
59
Evaluate the effectiveness of runtime protections such as ASLR and DEP.
Answer Outline: 1. ASLR: randomizes memory layout, deters predictable exploitation 2. DEP: marks memory regions non-executable 3. Together: significantly raise the bar for successful exploits 4. Limitations: can be bypassed with advanced techniques 5. Example of a hardened vs. vulnerable system
60
Propose a secure software development lifecycle (SDLC) plan to minimize buffer overflow risks.
Answer Outline: 1. Secure coding practices from design to deployment 2. Input validation and bounds checking 3. Use of memory-safe libraries and languages 4. Regular code audits and static analysis 5. Runtime protections and patching strategy 6. Developer training and secure testing phases

Operating System Security (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions