CAS-005 · Question #359
CAS-005 Question #359: Real Exam Question with Answer & Explanation
The correct answer is C: NX bit. The NX bit (No eXecute bit) is a security feature that marks certain areas of memory as non- executable. This prevents code from being run in those areas, which is a common technique used in modern operating systems to protect against buffer overflow and other exploits. When the
Question
A company is rewriting a vulnerable application and adding the mprotect() system call in multiple parts of the application's code that was being leveraged by a recent exploitation tool. Which of the following should be enabled to ensure the application can leverage the new system call against similar attacks in the future?
Options
- ATPM
- BSecure boot
- CNX bit
- DHSM
Explanation
The NX bit (No eXecute bit) is a security feature that marks certain areas of memory as non- executable. This prevents code from being run in those areas, which is a common technique used in modern operating systems to protect against buffer overflow and other exploits. When the application leverages the mprotect() system call, it can mark memory regions as non-executable, making it more difficult for attackers to execute injected malicious code. By enabling the NX bit, the system enforces that no code can be executed from areas that should only contain data, preventing certain types of exploits.
Community Discussion
No community discussion yet for this question.