A financial institution is deploying a new application server cluster that will handle sensitive customer transactions. The security architect wants to reduce the risk of attackers succeeding with code-injection and buffer-overflow exploits by making it unpredictable where executable code and libraries reside in process memory. Which operating-system security mechanism best achieves this goal?
Address Space Layout Randomization (ASLR) is the best choice because it randomizes the in-memory locations of the stack, heap, libraries, and executable code each time a process starts. This unpredictability makes it far more difficult for an attacker to know where to jump when exploiting a buffer-overflow or code-injection vulnerability.
Data Execution Prevention (DEP) marks certain memory pages as non-executable, which helps block injected shellcode, but it does not randomize addresses and can still be bypassed via techniques such as return-oriented programming. Stack canaries detect some stack-based overflows but do not randomize memory layout. Transport Layer Security (TLS) protects data in transit rather than defending against in-memory exploitation.
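A way to check that the randomization described above is actually in effect for a deployed binary, shown as an added example that is not part of the original question. It compares Linux-style `/proc/<pid>/maps` snapshots from two launches and reports regions whose base did not move; it goes slightly beyond the text by covering the common case where the main executable is not built position-independent (PIE) and therefore keeps a fixed base. The binary path and all addresses are constructed sample data.

```python
import re

# Constructed /proc/<pid>/maps excerpts from two launches of the same
# hypothetical binary /opt/app/server (addresses are made up for illustration).
RUN_A = """\
55d0c1a00000-55d0c1a21000 r-xp 00000000 08:01 131 /opt/app/server
55d0c2f3b000-55d0c2f5c000 rw-p 00000000 00:00 0 [heap]
7f3a1c400000-7f3a1c5bd000 r-xp 00000000 08:01 977 /usr/lib/libc.so.6
7ffd4a1e0000-7ffd4a201000 rw-p 00000000 00:00 0 [stack]
"""
RUN_B = """\
5617e8200000-5617e8221000 r-xp 00000000 08:01 131 /opt/app/server
5617e9c44000-5617e9c65000 rw-p 00000000 00:00 0 [heap]
7f91b3000000-7f91b31bd000 r-xp 00000000 08:01 977 /usr/lib/libc.so.6
7ffc09b52000-7ffc09b73000 rw-p 00000000 00:00 0 [stack]
"""
# Assumed variant: the same binary built without PIE, so the main
# executable loads at a fixed base in every launch (also constructed).
NOPIE_A = RUN_A.replace("55d0c1a00000-55d0c1a21000", "000000400000-000000421000")
NOPIE_B = RUN_B.replace("5617e8200000-5617e8221000", "000000400000-000000421000")

# start-end perms offset dev inode [pathname]
LINE = re.compile(r"^([0-9a-f]+)-[0-9a-f]+\s+\S+\s+\S+\s+\S+\s+\d+\s*(\S.*)?$")

def region_bases(maps_text):
    """Map each named region to the lowest start address seen for it."""
    bases = {}
    for line in maps_text.splitlines():
        m = LINE.match(line.strip())
        if not m or not m.group(2):
            continue  # skip malformed lines and anonymous mappings
        start, name = int(m.group(1), 16), m.group(2).strip()
        bases[name] = min(start, bases.get(name, start))
    return bases

def fixed_regions(run1, run2):
    """Return regions whose base address was identical in both launches."""
    a, b = region_bases(run1), region_bases(run2)
    return sorted(name for name in a.keys() & b.keys() if a[name] == b[name])

if __name__ == "__main__":
    print("PIE build, fixed regions:    ", fixed_regions(RUN_A, RUN_B))
    print("non-PIE build, fixed regions:", fixed_regions(NOPIE_A, NOPIE_B))
```

Any region this reports as fixed is one an attacker can still address reliably despite ASLR being enabled system-wide.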
ISC2 CISSP
Security Architecture and Engineering