Bob has a good understanding of cryptography, having worked with it for many years. Cryptography is used to secure data from specific threats but it does not secure the data from the specific threats but it does no secure the application from coding errors. It can provide data privacy; integrity and enable strong authentication but it can’t mitigate programming errors. What is a good example of a programming error that Bob can use to explain to the management how encryption will not address all their security concerns?

A.
Bob can explain that using a weak key management technique is a form of programming error

B.
Bob can explain that using passwords to derive cryptographic keys is a form of a programming error

C.
Bob can explain that a buffer overflow is an example of programming error and it is a common mistake associated with poor programming technique

D.
Bob can explain that a random number generation can be used to derive cryptographic keys but it uses a weak seed value and this is a form of a programming error

Explanation:
In computer security and programming, a buffer overflow, or buffer overrun, is a programming error which may result in a memory access exception and program termination, or in the event of the user being malicious, a possible breach of system security.