Threats and Additional Threats in Information Security

18 Questions

What is a common threat related to mobile code execution?

Dynamic email risks

Which type of small programs written in Java are usually subject to a sandbox?

Java applets

What is an issue that Java applets are meant to address?

JavaScript security

Which of the following poses a significant risk in emails?

Dynamic email scripts

What type of control is suggested for emails with active scripts or links?

Restrictions on email functions

Which of the following is more likely to be affected by Object reuse vulnerability?

Garbage collection mechanisms

What is a buffer overflow?

A temporary area for data storage where extra data can overwrite other buffers

How can a buffer-overflow attack be exploited by a hacker?

By flooding a memory space reserved for a program

Which type of buffer overflow is more common among attackers?

Stack-based buffer overflows

What is the main difference between stack-based and heap-based buffer overflows?

Stack-based overflows are more difficult to execute

Which type of buffer overflow attack is considered difficult to execute and less common?

Heap-based buffer overflow

In a buffer overflow attack, what does the extra data sometimes contain that could trigger specific actions?

Specific instructions for actions intended by a hacker

What is the purpose of garbage collection in Java?

To efficiently manage memory use

What is a trap door in a program?

A security feature that allows bypassing normal access procedures

Which of the following is a risk associated with incomplete parameter check and enforcement?

Malformed data input can bypass security checks

What is the main concern regarding object reuse vulnerability?

Sensitive residual data exposure

Which type of covert channel communicates by modifying a stored object?

Storage Channels

What precaution should be taken to ensure confidential information is protected from being re-assigned without being cleared?

Erasing information immediately after use

Explore concepts related to threats in information security, including object reuse, garbage collection, and the risks associated with not deallocating memory properly. Learn about various types of threats and how they can impact data security.

Make Your Own Quizzes and Flashcards

Convert your notes into interactive study material.