312-50V13 · Question #317
312-50V13 Question #317: Real Exam Question with Answer & Explanation
The correct answer is C: Buffer overflow.
Question
John is investigating web-application firewall logs and observes that someone is attempting to inject the following: What type of attack is this?
Options
- A. CSRF
- B. XSS
- C. Buffer overflow
- D. SQL injection
Explanation
Buffer Overflow Attack Explanation
Based on the question context, the attacker is injecting an excessively long string or payload designed to overwhelm memory allocation boundaries, which is characteristic of a buffer overflow attack. This type of attack attempts to write data beyond the allocated memory buffer, potentially allowing the attacker to overwrite adjacent memory, crash applications, or execute malicious code.
Why the distractors are wrong:
- A (CSRF): Cross-Site Request Forgery tricks authenticated users into submitting unwanted requests - it doesn't involve injecting oversized payloads into input fields
- B (XSS): Cross-Site Scripting injects malicious scripts (typically JavaScript) into web pages, not memory-overloading strings
- D (SQL Injection): SQL injection uses database commands (like ' OR 1=1--) to manipulate backend queries, not raw memory-targeting payloads
🧠 Memory Tip: Think of a buffer overflow like overfilling a glass of water - you're pouring in more data than the container can hold, causing it to "spill over" into adjacent memory. If the attack payload looks unusually long and repetitive (e.g., strings of A's or special characters), think buffer overflow first!