nerdexam
EC-Council

312-50V10 · Question #221

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

The correct answer is B. Data Execution Prevention (DEP). Data Execution Prevention (DEP) marks memory regions as non-executable, blocking malicious code payloads from running even when triggered by scripts like .bat or .ps1 files.

System Hacking

Question

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

Options

  • AUser Access Control (UAC)
  • BData Execution Prevention (DEP)
  • CAddress Space Layout Randomization (ASLR)
  • DWindows firewall

How the community answered

(25 responses)
  • A
    4% (1)
  • B
    92% (23)
  • C
    4% (1)

Why each option

Data Execution Prevention (DEP) marks memory regions as non-executable, blocking malicious code payloads from running even when triggered by scripts like .bat or .ps1 files.

AUser Access Control (UAC)

UAC (User Account Control) prompts for elevation when administrative privileges are needed, but does not specifically block the execution of script file content at the memory level.

BData Execution Prevention (DEP)Correct

DEP enforces a hardware and OS-level policy that prevents code from executing in memory pages designated as data-only, stopping script-injected shellcode from running. When a malicious .bat or .ps1 script attempts to load and execute arbitrary code in a non-executable memory region, DEP intercepts and terminates that execution before the payload can run.

CAddress Space Layout Randomization (ASLR)

ASLR (Address Space Layout Randomization) randomizes base memory addresses to hinder exploitation, but does not prevent script files from being executed or their payloads from loading.

DWindows firewall

Windows Firewall filters inbound and outbound network connections based on rules and has no mechanism to block local script file execution.

Concept tested: Data Execution Prevention blocking script-based code injection

Source: https://learn.microsoft.com/en-us/windows/win32/memory/data-execution-prevention

Topics

#DEP#memory protection#Windows security#script execution

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice