exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam

Exam CISSP topic 1 question 145 discussion

Actual exam question from ISC's CISSP
Question #: 145
Topic #: 1
[All CISSP Questions]

The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this virus' variants and reverse engineering them to understand how they work, a commonality was found. All variants are coded to write to a specific memory location. It is determined this virus is of no threat to the organization because they had the foresight to enable what feature on all endpoints?

  • A. Address Space Layout Randomization (ASLR)
  • B. Trusted Platform Module (TPM)
  • C. Virtualization
  • D. Process isolation
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
dev46
Highly Voted 1 year, 5 months ago
Selected Answer: A
The keyword is "feature" A. Address Space Layout Randomization (ASLR) - feature B. Trusted Platform Module (TPM) - it's a chip in motherboard, not a feture C. Virtualization - not a feature D. Process isolation - not a feature
upvoted 13 times
jackdryan
10 months, 1 week ago
A is correct
upvoted 1 times
...
...
74gjd_37
Most Recent 5 months, 3 weeks ago
Selected Answer: A
The correct answer is A (ASLR). Process isolation is a security technique that separates individual processes on a system to prevent them from interfering with each other. It is a useful technique for preventing malware or other malicious processes from accessing or modifying data in other processes. However, process isolation alone would not be sufficient to protect against the specific threat posed by the virus variants in this scenario. The virus variants were coded to write to a specific memory location, which means that they could still potentially write to memory locations within their own isolated process. Therefore, process isolation would not prevent the virus from functioning as intended and carrying out its malicious activities.
upvoted 1 times
...
Bach1968
8 months, 2 weeks ago
Selected Answer: A
The feature that would have enabled the organization to determine that the virus is of no threat is Address Space Layout Randomization (ASLR). ASLR is a security technique that randomizes the memory addresses used by a program during its execution. It prevents the predictable allocation of memory addresses, making it harder for attackers to exploit memory-based vulnerabilities or execute code in known memory locations. By enabling ASLR on all endpoints, the organization ensures that the virus variants, which are coded to write to a specific memory location, will not be able to successfully carry out their malicious actions.
upvoted 2 times
...
Ivanchun
1 year, 2 months ago
Selected Answer: A
Vote A, “All variants are coded to write”
upvoted 1 times
...
Jamati
1 year, 4 months ago
Selected Answer: A
Answer is A
upvoted 2 times
...
ygc
1 year, 5 months ago
A is correct, the key words are "a specific memory location".
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago