Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has
been tasked to identify the issue and report any findings. Which of the following is the FIRST step of
action recommended in this scenario?
A.
Baseline Reporting
B.
Capability Maturity Model
C.
Code Review
D.
Quality Assurance and Testing
Explanation:
A buffer overflow attack attacks a vulnerability caused by poor coding in an application. Reviewing the
code of the application will enable you to identify code that is vulnerable to buffer overflow.
A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data
storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data,
the extra information – which has to go somewhere – can overflow into adjacent buffers, corrupting or
overwriting the valid data held in them. Although it may occur accidentally through programming error,
buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow
attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new
instructions to the attacked computer that could, for example, damage the user’s files, change data, or
disclose confidential information. Buffer overflow attacks are said to have arisen because the Cprogramming language supplied the framework, and poor programming practices supplied the
vulnerability.
Incorrect Answers:
A: Baseline reporting from a security perspective is used to alert you to any changes in a security posture
compared to the original baseline configuration. It will not provide information about vulnerability to
buffer overflow attacks.
B: The Capability Maturity Model (CMM) is a methodology used to develop and refine an organization’s
software development process. It will not provide information about vulnerability to buffer overflow
attacks.
D: Quality Assurance and Testing could be used to test the functionality of an application. However, to
identify a vulnerability to buffer overflow attacks, you would need to examine the code of the application.http://searchsecurity.techtarget.com/definition/buffer-overflow
KEY WORD: FIRST STEP & PROGRAMMER
So the programmer must look at the program to see what is causing the buffer overflow.
A buffer overflow attack attacks a vulnerability caused by poor coding in an application.
This is done by the programmer debugging the program, which is another name for “code review”
0
0