nerdexam
(ISC)2

CISSP · Question #1227

The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this vi

The correct answer is C. Address Space Layout Randomization (ASLR). Address Space Layout Randomization (ASLR) is a security feature that randomizes the memory locations of the executable code, the data, and the libraries used by a process. This makes it harder for an attacker to predict the memory addresses where the malicious code or data will b

Submitted by neha2k· Mar 5, 2026Security Architecture and Engineering

Question

The security operations center (SOC) has received credible intelligence that a threat actor is planning to attack with multiple variants of a destructive virus. After obtaining a sample set of this virus' variants and reverse engineering them to understand how they work, a commonality was found. All variants are coded to write to a specific memory location. It is determined this virus is of no threat to the organization because they had the focresight to enable what feature on all endpoints?

Options

  • AProcess isolation
  • BTrusted Platform Module (TPM)
  • CAddress Space Layout Randomization (ASLR)
  • DVirtualization

How the community answered

(23 responses)
  • A
    4% (1)
  • B
    13% (3)
  • C
    78% (18)
  • D
    4% (1)

Explanation

Address Space Layout Randomization (ASLR) is a security feature that randomizes the memory locations of the executable code, the data, and the libraries used by a process. This makes it harder for an attacker to predict the memory addresses where the malicious code or data will be loaded or executed, and thus prevents the exploitation of memory corruption vulnerabilities, such as buffer overflows. ASLR is enabled by default on most modern operating systems and applications, and it can mitigate the impact of a destructive virus that is coded to write to a specific memory location.

Topics

#Address Space Layout Randomization (ASLR)#Malware protection#Endpoint security#Memory exploitation

Community Discussion

No community discussion yet for this question.

Full CISSP Practice