Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GAQM CPEH-001 Exam - Topic 5 Question 56 Discussion

Actual exam question for GAQM's CPEH-001 exam
Question #: 56
Topic #: 5
[All CPEH-001 Questions]

StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use _____ defense against buffer overflow attacks.

Show Suggested Answer Hide Answer
Suggested Answer: A

Canaries or canary words are known values that are placed between a buffer and control data on the stack to monitor buffer overflows. When the buffer overflows, it will clobber the canary, making the overflow evident. This is a reference to the historic practice of using canaries in coal mines, since they would be affected by toxic gases earlier than the miners, thus providing a biological warning system.


by Alpha at Aug 03, 2022, 05:23 PM

Limited Time Offer

25%

Off

Get Premium CPEH-001 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Aja
6 months ago
Surprised to see so many options for buffer overflow!
upvoted 0 times
...
Sanda
6 months ago
I thought /GS was more about stack protection?
upvoted 0 times
...
Jose
7 months ago
Wait, isn't that just one part of the whole picture?
upvoted 0 times
...
Georgeanna
7 months ago
Totally agree, it's a solid method.
upvoted 0 times
...
Tatum
7 months ago
They all use canary defense!
upvoted 0 times
...
Mari
7 months ago
I thought it was B, Hex editing, but now that I think about it, that doesn't really fit with the context of buffer overflow defenses.
upvoted 0 times
...
Ressie
7 months ago
I recall that StackGuard and similar tools use some kind of protection mechanism, but I can't remember if it's specifically called a Canary.
upvoted 0 times
...
Aja
7 months ago
I think the answer might be A, Canary. I remember studying how it works to detect buffer overflows by placing a value before the return address.
upvoted 0 times
...
Vicente
7 months ago
I'm not entirely sure, but I feel like I've seen questions about this before. Could it be D, Non-executing stack? That sounds familiar.
upvoted 0 times
...
Rupert
7 months ago
Okay, I'm pretty confident that Anomaly Detector is the right answer here. It's specifically built for anomaly detection in time series data, which is exactly what the question is asking for. And it can integrate with IoT Hub, so that seems like a perfect match.
upvoted 0 times
...
Malika
7 months ago
Okay, let's think this through step-by-step. The key details are the cloud pod architecture, the WAN links, and the need to minimize the number of open ports.
upvoted 0 times
...

Save Cancel