PCDRA · Question #66
PCDRA Question #66: Real Exam Question with Answer & Explanation
The correct answer is A: UASLR. UASLR (Ultra Address Space Layout Randomization) is an enhancement over standard ASLR. Standard ASLR suffers from limited entropy, meaning attackers can sometimes predict or brute-force memory addresses. UASLR significantly increases the number of possible memory layout combinati
Question
Which Exploit Prevention Module (EPM) provides better entropy for randomization of memory locations?
Options
- AUASLR
- BJIT Mitigation
- CMemory Limit Heap spray check
- DDLL Security
Explanation
UASLR (Ultra Address Space Layout Randomization) is an enhancement over standard ASLR. Standard ASLR suffers from limited entropy, meaning attackers can sometimes predict or brute-force memory addresses. UASLR significantly increases the number of possible memory layout combinations, making it exponentially harder for exploit code to locate target functions or structures in memory. The other EPMs serve different purposes: JIT Mitigation protects just-in-time compiled code from being exploited, Heap Spray checks detect heap spray attacks by monitoring memory allocation patterns, and DLL Security prevents malicious DLL loading-none of these specifically focus on increasing randomization entropy.
Topics
Community Discussion
No community discussion yet for this question.