New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

GIAC GCIA Exam - Topic 5 Question 45 Discussion

Actual exam question for GIAC's GCIA exam
Question #: 45
Topic #: 5
[All GCIA Questions]

An attacker changes the address of a sub-routine in such a manner that it begins to point to the address of the malicious code. As a result, when the function has been exited, the application can be forced to shift to the malicious code. The image given below explains this phenomenon:

Which of the following tools can be used as a countermeasure to such an attack?

Show Suggested Answer Hide Answer
Suggested Answer: D

by Adelle at May 13, 2024, 10:53 AM

Limited Time Offer

25%

Off

Get Premium GCIA Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Shaunna
3 months ago
Totally agree, SmashGuard is the way to go!
upvoted 0 times
...
Stephanie
3 months ago
Definitely not Absinthe, that's not the right tool.
upvoted 0 times
...
Linsey
3 months ago
Wait, can Kismet really help with this?
upvoted 0 times
...
Juliana
4 months ago
I think Obiwan might be more effective.
upvoted 0 times
...
Derick
4 months ago
SmashGuard is a solid choice for this.
upvoted 0 times
...
Marleen
4 months ago
Absinthe sounds familiar, but I can't recall its specific use. I wonder if it relates to this type of attack or if it's more for something else.
upvoted 0 times
...
Royal
4 months ago
I practiced a similar question where we discussed tools for preventing code injection. I think SmashGuard was mentioned as a good countermeasure.
upvoted 0 times
...
Marti
4 months ago
I'm not entirely sure, but I feel like Kismet is more about network analysis rather than code execution protection. It doesn't seem relevant here.
upvoted 0 times
...
Lorean
5 months ago
I remember studying about buffer overflow attacks and how they can redirect execution flow. I think SmashGuard might be the right answer since it protects against such vulnerabilities.
upvoted 0 times
...
Valentine
5 months ago
I'm a bit confused by this question. Can someone explain the attack mechanism in more detail? I want to make sure I understand it before I try to pick the right countermeasure.
upvoted 0 times
...
Shawna
5 months ago
Obiwan is an interesting choice, but I'm not sure it's the best fit for this specific attack. I'd lean more towards SmashGuard since it's designed to protect against function pointer overwrites.
upvoted 0 times
...
Jolene
5 months ago
Hmm, I'm not too familiar with these tools. I'll need to think this through carefully. Maybe I should review my notes on common countermeasures for code injection attacks.
upvoted 0 times
...
Jenelle
5 months ago
This looks like a classic buffer overflow attack. I think the answer is probably SmashGuard, which is a tool designed to detect and prevent this type of attack.
upvoted 0 times
...
Ceola
5 months ago
This question seems straightforward, but I want to double-check my understanding before submitting. Let me review the LSA types one more time to be sure.
upvoted 0 times
...
Lonny
5 months ago
I think I've got this one. Azure Bastion is a service that provides secure RDP and SSH access to your VMs, so the answer must be the Azure portal.
upvoted 0 times
...
Kimberely
5 months ago
Option D sounds right to me, but I feel a bit unsure about the exact number of agents. I might have mixed it up with another feature.
upvoted 0 times
...
Hobert
10 months ago
Obiwan? Pff, I've got a better idea - let's just crash the whole system and start over. That'll show 'em!
upvoted 0 times
Elfrieda
8 months ago
D) Absinthe
upvoted 0 times
...
Justa
8 months ago
C) Kismet
upvoted 0 times
...
Millie
9 months ago
B) SmashGuard
upvoted 0 times
...
Leatha
9 months ago
A) Obiwan
upvoted 0 times
...
...
Glenn
10 months ago
Use the SmashGuard, Luke! It's the only way to protect your application from the dark side of the force.
upvoted 0 times
Gracia
9 months ago
D) Absinthe
upvoted 0 times
...
Mollie
9 months ago
C) Kismet
upvoted 0 times
...
Gaynell
9 months ago
B) SmashGuard
upvoted 0 times
...
Jutta
10 months ago
A) Obiwan
upvoted 0 times
...
...
Annice
10 months ago
I'm not sure about SmashGuard, I think Obiwan might also be a good choice.
upvoted 0 times
...
Goldie
10 months ago
I agree with Audra, SmashGuard seems like a good option to prevent such attacks.
upvoted 0 times
...
Jame
10 months ago
Absinthe, the hallucinogenic drink? I'm starting to think the exam writer is just messing with us at this point.
upvoted 0 times
Glory
10 months ago
I agree, using SmashGuard can help prevent the malicious code from being executed.
upvoted 0 times
...
Chu
10 months ago
B) SmashGuard would be a good countermeasure for this type of attack.
upvoted 0 times
...
...
Latrice
11 months ago
Kismet? Isn't that a wireless network detection tool? I don't think that's going to help much in this scenario.
upvoted 0 times
Leah
9 months ago
Agreed. SmashGuard would be a better countermeasure in this situation.
upvoted 0 times
...
Winifred
9 months ago
Definitely not. We need something like SmashGuard to prevent this kind of attack.
upvoted 0 times
...
Marsha
9 months ago
Yeah, Kismet is not the right choice here.
upvoted 0 times
...
Sheldon
9 months ago
D) Absinthe
upvoted 0 times
...
Elly
9 months ago
C) Kismet
upvoted 0 times
...
Micaela
10 months ago
B) SmashGuard
upvoted 0 times
...
Frank
10 months ago
A) Obiwan
upvoted 0 times
...
...
Mireya
11 months ago
SmashGuard, huh? Sounds like a tool that would just end up smashing everything in sight, including the application.
upvoted 0 times
...
Kenny
11 months ago
Obiwan? Really? That's like using a lightsaber to fight off a hacker. Let's get serious here.
upvoted 0 times
...
Audra
11 months ago
I think SmashGuard can be used as a countermeasure.
upvoted 0 times
...

Save Cancel