Cyber Security Questions and Answers – Buffer Overflow – 1

«
»

This set of Cyber Security Multiple Choice Questions & Answers (MCQs) focuses on “Buffer Overflow – 1”.

1. A __________ is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers.
a) stack
b) queue
c) external storage
d) buffer
View Answer

Answer: d
Explanation: A buffer is a sequential segment of the memory location that is allocated for containing some data such as a character string or an array of integers. The buffer can handle data only if limited data is inserted.
advertisement

2. In a _____________ attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.
a) Phishing
b) MiTM
c) Buffer-overflow
d) Clickjacking
View Answer

Answer: c
Explanation: In a buffer-overflow attack, the extra data that holds some specific instructions in the memory for actions is projected by a cyber-criminal or penetration tester to crack the system.

3. How many types of buffer-overflow attack are there?
a) 4
b) 2
c) 5
d) 3
View Answer

Answer: b
Explanation: There are two different types of buffer-overflow attack. These are stack-based and heap-based buffer overflow. In both the cases, this type of exploit takes advantage of an application that waits for user’s input.

4. Let suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually this is because of limited __________
a) buffer
b) external storage
c) processing power
d) local storage
View Answer

Answer: a
Explanation: In a scenario, where to suppose a search box of an application can take at most 200 words, and you’ve inserted more than that and pressed the search button; the system crashes. Usually, this is because of the limited buffer.

5. ______________ is a widespread app’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
a) Memory leakage
b) Buffer-overrun
c) Less processing power
d) Inefficient programming
View Answer

Answer: b
Explanation: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by developers which could be exploited by an attacker for gaining access or malfunctioning your system.
advertisement

6. Buffer-overflow is also known as ______________
a) buffer-overrun
b) buffer-leak
c) memory leakage
d) data overflow
View Answer

Answer: a
Explanation: Buffer-overflow, also known as buffer-overrun is a widespread application’s coding mistake made by app developers which could be exploited by an attacker for gaining access or malfunctioning your system.

7. Buffer-overflow may remain as a bug in apps if __________ are not done fully.
a) boundary hacks
b) memory checks
c) boundary checks
d) buffer checks
View Answer

Answer: c
Explanation: Buffer-overflow may remain as a bug in apps if boundary checks are not done fully by developers or are skipped by the QA (Quality Assurance) testers of the software development team.

8. Applications developed by programming languages like ____ and ______ have this common buffer-overflow error.
a) C, Ruby
b) Python, Ruby
c) C, C++
d) Tcl, C#
View Answer

Answer: c
Explanation: Applications developed by programming languages like C and C++ have this common buffer-overflow error. The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data.

9. Why apps developed in languages like C, C++ is prone to Buffer-overflow?
a) No string boundary checks in predefined functions
b) No storage check in the external memory
c) No processing power check
d) No database check
View Answer

Answer: a
Explanation: The strcat(), strcpy(), sprintf(), gets() etc when called in C and C++ can be exploited because these functions don’t check whether the stack is large enough for storing the data fetched from some other variable holding larger data.
advertisement

10. Old operating systems like _______ and NT-based systems have buffer-overflow attack a common vulnerability.
a) Windows 7
b) Chrome
c) IOS12
d) UNIX
View Answer

Answer: d
Explanation: Old operating systems like UNIX and NT-based systems have buffer-overflow attack a common vulnerability. This is because they were developed in old programming languages.

Sanfoundry Global Education & Learning Series – Cyber Security.

To practice all areas of Cyber Security, here is complete set of 1000+ Multiple Choice Questions and Answers.

advertisement
advertisement
advertisement
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He is Linux Kernel Developer & SAN Architect and is passionate about competency developments in these areas. He lives in Bangalore and delivers focused training sessions to IT professionals in Linux Kernel, Linux Debugging, Linux Device Drivers, Linux Networking, Linux Storage, Advanced C Programming, SAN Storage Technologies, SCSI Internals & Storage Protocols such as iSCSI & Fiber Channel. Stay connected with him @ LinkedIn