100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
Chapter 10 Computer Security Principles and Practice (Stallings/Brown)Questions & Answers $9.52   Add to cart
Quickly navigate to
Preview
  2.  
  3. Chapter 10 Computer Security Principles And Practi
  4.  
  5. Chapter 10 Computer Security Principles And Practi
  6.  
  7. Chapter 10 Computer Security Principles and Practi

Exam (elaborations)

Chapter 10 Computer Security Principles and Practice (Stallings/Brown)Questions & Answers
 1 view  0 purchase
  • Course
  • Chapter 10 Computer Security Principles and Practi
  • Institution
  • Chapter 10 Computer Security Principles And Practi

Chapter 10 Computer Security Principles and Practice (Stallings/Brown) Buffer overflow - Answer- A condition at an interface under which more info can be placed into a buffer or data holding area than the capacity allocated, overriding other information Example of a buffer overflow - Answer- ...

[Show more]

Preview 1 out of 3  pages

Document information

  • June 24, 2024
  • 3
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers

Subjects

  • buffer overflow
  • when are stacks used
  • shellcode
  • chapter 10 computer security principles and practi
  • example of a buffer overflow
  • when control is transferred to the shellcode whose

Written for

  • Chapter 10 Computer Security Principles and Practi
  • Chapter 10 Computer Security Principles and Practi
  • Chapter 10 Computer Security Principles and Practi
All documents for this subject (1)

Seller

avatar-seller
Gurustudy

Reviews received

Content preview

Chapter 10 Computer Security
Principles and Practice
(Stallings/Brown)
Buffer overflow - Answer- A condition at an interface under which more info can be
placed into a buffer or data holding area than the capacity allocated, overriding other
information

Example of a buffer overflow - Answer- Stack buffer overflows inserting extra
instructions into a command to force an overflow
that inserts calls to malware

When are stacks used? - Answer- 1. in function/procedure calls.
2. for allocation of memory for local variables.
3. for allocation of memory for parameters.
4. control information (return address)

ShellCode - Answer- 1. Creates a shell. It is short. The shellcode must be in machine
code so that can be inserted directly into memory.
2. It must have a return address that is the legitimate return address

When control is transferred to the shellcode whose privileges are used? - Answer- 1.
Recall it is running on
behalf of the user.
2. The privileges that are used are:
the host program's (this is the program that is exploited by the shellcode) system
service or OS root privileges
3. If the program is a system service the shellcode (and therefore the attacker) will
have access to much of the system.
4. Root privileges is like having keys to the kingdom

Return to libc - Answer- 1. The return address is overwritten to point to a function in
a library.
2. The function can then be executed with parameters of the attacker's choice.
3. For example the attacker can launch a command shell.

Stack buffer overflow/Stack smashing - Answer- Occurs when the targeted buffer is
located on the stack, usually is a local variable any functions stack frame

Stack frame - Answer- A structure on the stack that stores the return address during
a function call, here It also stores locations and saves parameters to be passed to
the function. Possibly register values too.

Shell code - Answer- Code supplied by an attacker and often saved in the buffer
being overflowed, so the attacker can transfer execution of the program to the Shell
code

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Gurustudy. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $9.52. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

85443 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$9.52
  • (0)
  Add to cart