PECB
ISO-IEC-27001-LEAD-AUDITOR · Question #295
ISO-IEC-27001-LEAD-AUDITOR Question #295: Real Exam Question with Answer & Explanation
Sign in or unlock ISO-IEC-27001-LEAD-AUDITOR to reveal the answer and full explanation for question #295. The question stem and answer options stay visible for context.
Question
Scenario: A data processing tool crashed when a user added more data to the buffer than its storage capacity allows. The incident was caused by the tool's inability to bound-check arrays. What kind of vulnerability is this?
Options
- AIntrinsic vulnerability, i.e., inability to bound-check arrays, is a characteristic of the data
- BExtrinsic vulnerability, i.e., the exploit of the buffer overflow vulnerability, is caused by an external
- CNone; buffer overflow is not a vulnerability; it is a threat
Unlock ISO-IEC-27001-LEAD-AUDITOR to see the answer
You've previewed enough free ISO-IEC-27001-LEAD-AUDITOR questions. Unlock ISO-IEC-27001-LEAD-AUDITOR for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.