Data execution prevention is a feature in most operating systems intended to protect against
which type of attack?

A.
Cross-site scripting

B.
Buffer overflow

C.
Header manipulation

D.
SQL injection

Explanation:
Data Execution Prevention (DEP) is a security feature included in modern operating systems. It
marks areas of memory as either “executable” or “nonexecutable”, and allows only data in an
“executable” area to be run by programs, services, device drivers, etc. It is known to be available
in Linux, OS X, Microsoft Windows, iOS and Android operating systems.
DEP protects against some program errors, and helps prevent certain malicious exploits,
especially attacks that store executable instructions in a data area via a buffer overflow.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary
data storage area) than it was intended to hold. Since buffers are created to contain a finite
amount of data, the extra information – which has to go somewhere – can overflow into adjacent
buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally
through programming error, buffer overflow is an increasingly common type of security attack on
data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger
specific actions, in effect sending new instructions to the attacked computer that could, for
example, damage the user’s files, change data, or disclose confidential information. Buffer
overflow attacks are said to have arisen because the C programming language supplied the
framework, and poor programming practices supplied the vulnerability.