CISSP · Question #1227
The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this vi
The correct answer is C. Address Space Layout Randomization (ASLR). Address Space Layout Randomization (ASLR) is a security feature that randomizes the memory locations of the executable code, the data, and the libraries used by a process. This makes it harder for an attacker to predict the memory addresses where the malicious code or data will b
Question
The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this virus' variants and reverse engineering them to understand how they work, a commonality was found. All variants are coded to write to a specific memory location. It is determined this virus is of no threat to the organization because they had the focresight to enable what feature on all endpoints?
Options
- AProcess isolation
- BTrusted Platform Module (TPM)
- CAddress Space Layout Randomization (ASLR)
- DVirtualization
How the community answered
(23 responses)- A4% (1)
- B13% (3)
- C78% (18)
- D4% (1)
Explanation
Address Space Layout Randomization (ASLR) is a security feature that randomizes the memory locations of the executable code, the data, and the libraries used by a process. This makes it harder for an attacker to predict the memory addresses where the malicious code or data will be loaded or executed, and thus prevents the exploitation of memory corruption vulnerabilities, such as buffer overflows. ASLR is enabled by default on most modern operating systems and applications, and it can mitigate the impact of a destructive virus that is coded to write to a specific memory location.
Topics
Community Discussion
No community discussion yet for this question.