CS0-003 · Question #369
CS0-003 Question #369: Real Exam Question with Answer & Explanation
The correct answer is A: Address space layout randomization. Address space layout randomization (ASLR) is a security control that randomizes the memory address space of a process, making it harder for an attacker to exploit memory-based vulnerabilities, such as buffer overflows. ASLR can also prevent a security analyst from finding the pro
Question
While performing a dynamic analysis of a malicious file, a security analyst notices the memory address changes every time the process runs. Which of the following controls is most likely preventing the analyst from finding the proper memory address of the piece of malicious code?
Options
- AAddress space layout randomization
- BData execution prevention
- CStack canary
- DCode obfuscation
Explanation
Address space layout randomization (ASLR) is a security control that randomizes the memory address space of a process, making it harder for an attacker to exploit memory-based vulnerabilities, such as buffer overflows. ASLR can also prevent a security analyst from finding the proper memory address of a piece of malicious code, as the memory address changes every time the process runs.
Topics
Community Discussion
No community discussion yet for this question.