GIAC

GCIH · Question #11

GCIH Question #11: Real Exam Question with Answer & Explanation

The correct answer is C: It is a condition in which an application receives more data than it is configured to accept. A buffer overflow is a vulnerability condition in which an application receives more data than its allocated buffer can hold, potentially allowing memory corruption or code execution.

Question

Which of the following statements about buffer overflow is true?

Options

  • A. It manages security credentials and public keys for message encryption.
  • B. It is a collection of files used by Microsoft for software updates released between major
  • C. It is a condition in which an application receives more data than it is configured to accept.
  • D. It is a false warning about a virus.

Explanation

A buffer overflow is a vulnerability condition in which an application receives more data than its allocated buffer can hold, potentially allowing memory corruption or code execution.

Common mistakes.

  • A. Managing security credentials and public keys for message encryption describes a Public Key Infrastructure (PKI) or key management system, which is entirely unrelated to buffer overflow vulnerabilities.
  • B. A collection of files used by Microsoft for software updates released between major versions describes a service pack or cumulative update rollup, not a memory vulnerability condition.
  • D. A false warning about a virus describes a virus hoax or false positive alert generated by antivirus software, which has no relationship to the buffer overflow vulnerability category.

Concept tested. Buffer overflow vulnerability definition and identification

Reference. https://owasp.org/www-community/vulnerabilities/Buffer_Overflow
