What is the benefit of an operating system (OS) feature that is designed to prevent an application from executing code from a non-executable memory region?
A.
Identifies which security patches still need to be installed on the system
B.
Reduces the risk of polymorphic viruses from encrypting their payload
C.
Stops memory resident viruses from propagating their payload
D.
Helps prevent certain exploits that store code in buffers
If an operating system can mark some or all writable regions of memory as non-executable, it may be able to prevent the stack and heap memory areas from being executable. This helps to prevent certain buffer overflow exploits from succeeding, particularly those that inject and execute code
Helps prevent certain exploits that store code in buffers (Option D): This feature, often referred to as Data Execution Prevention (DEP) or Execute Disable (XD), is designed to prevent buffer overflow and other types of exploits that attempt to execute code from areas of memory that should only contain data. It enhances security by making it more difficult for attackers to execute arbitrary code in vulnerable applications.
D. Helps prevent certain exploits that store code in buffers
This OS feature is known as Data Execution Prevention (DEP) or No-Execute (NX) bit. It helps mitigate certain types of security vulnerabilities and exploits, such as buffer overflow attacks. By marking certain memory regions as non-executable, it prevents malicious code from being executed in those regions, reducing the risk of successful exploits that rely on injecting and executing malicious code in areas where it shouldn't be executed.
D. What is Data Execution Prevention (DEP)?
Data Execution Prevention (DEP) is a technology built into Windows that helps protect you from executable code launching from places it's not supposed to. DEP does that by marking some areas of your PC's memory as being for data only, no executable code or apps will be allowed to run from those areas of memory.
This is designed to make it harder for attacks that try to use buffer overflows, or other techniques, to run their malware from those parts of memory that normally only contain data.
D is correct. Polymorphic viruses will always try to encrypt their payload regardless of the memory region they're in.
upvoted 1 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Stevooo
Highly Voted 2 years, 2 months agojackdryan
1 year, 6 months agoe58c193
Most Recent 7 months, 3 weeks ago629f731
10 months, 2 weeks agoSoleandheel
11 months, 2 weeks agoDASH_v
1 year, 6 months agoDee83
1 year, 10 months agoWiDeBarulho
2 years, 1 month ago