Computer Security Fundamentals

Questions and Answers

What is the primary purpose of a non-executable stack?

• To allow shellcode execution from the stack
• To prevent shellcode from being run from the stack (correct)
• To enable the execution of all software
• To improve overall system performance

How does Address Space Layout Randomization (ASLR) decrease an attacker's chance of success?

• By randomly arranging parts of the process address space (correct)
• By making memory locations predictable
• By eliminating the need for process address space
• By preventing any memory access by attackers

Which of the following statements about ASLR is true?

• ASLR can make memory usage predictable.
• ASLR is less effective on systems without libraries.
• ASLR has been implemented in Unix-based systems to defend against argv[]. (correct)
• ASLR does not affect the stack layout in any operating system.

What significant effect does a non-executable stack have on existing software?

Software requiring an executable stack will not work. (B)

What type of attack does ASLR specifically aim to defend against?

Return-to-libc attacks (C)

Flashcards are hidden until you start studying

Study Notes

Non-executable Stack

• Prevents execution of shellcode by marking the stack as non-executable.
• Software that requires an executable stack may become incompatible or cease to function properly.

Address Space Layout Randomization (ASLR)

• Reduces predictability of memory usage, hindering attackers who rely on known memory locations.
• Enhances security by randomly rearranging important elements of the process address space:
  • Base of the executable
  • Heap memory
  • Stack memory
  • Libraries used by the program
• Implemented in BSD (Unix) to protect against vulnerabilities associated with argv[].
• Used in Windows to defend against return-to-libc attacks, improving system resilience.