1
Q
What is a buffer overflow?
A
When a section of memory is able to spill over to another section of memory and overwrite it. Attackers abuse poor programming to accomplish this.
2
Q
How can buffer overflow be avoided?
A
Proper programming practices such and not using a weak programming language.
CompTIA Security+ SY0-501
flashcards
Decks in class (134)
# Cards
-
Glossary of Terms Page 114
-
Glossary of Terms Page 214
-
Glossary of Terms Page 313
-
Glossary of Terms Page 49
-
Glossary of Terms Page 512
-
Injection Attacks6
-
Buffer Overflows2
-
Replay Attack6
-
Phishing11
-
Impersonation4
-
Dumpster Diving3
-
Shoulder Surfing1
-
Hoaxes1
-
Watering Hole Attacks1
-
Spam6
-
Influence Campaigns3
-
Other Social Engineering Attacks4
-
Principles of Social Engineering1
-
Malware4
-
Viruses8
-
Ransomware4
-
Trojans and RATs4
-
Rootkits4
-
Adware3
-
Penetration Testing 1.412
-
Reconnaissance5
-
Security Teams5
-
Configuration Management6
-
Protecting Data10
-
Data Loss Prevention 2.14
-
Managing Security8
-
Vulnerability Types 1.617
-
Firewalls 2.16
-
VPN Concentrators 2.112
-
Network Intrusion Detection and Prevention 2.16
-
Router and Switch Security 2.19
-
Proxies 2.15
-
Load Balancers 2.14
-
Wireless Access Points (WAP) 2.110
-
SIEM 2.16
-
Network Access Control 2.17
-
Mail Gateways 2.14
-
Other Security Devices 2.15
-
Software Security Tools 2.214
-
Command Line Security Tools 2.211
-
Common Security Issues 2.313
-
Analyzing Security Output 2.412
-
Mobile Device Connection Methods 2.57
-
Mobile Device Management 2.511
-
Mobile Device Enforcement 2.513
-
Mobile Device Deployment Models 2.55
-
Secure Protocols 2.613
-
Compliance and Frameworks 3.17
-
Secure Configuration Guides 3.16
-
Defense-in-Depth 3.14
-
Secure Network Topologies 3.28
-
Network Segmentation 3.25
-
VPN Technologies 3.23
-
Security Technology Placement 3.27
-
Securing SDN 3.22
-
Hardware Security 3.38
-
Operating System Security 3.310
-
Secure Deployments 3.43
-
Embedded Systems 3.57
-
Development Life-Cycle Models 3.63
-
Secure DevOps 3.65
-
Version Control and Change Management 3.64
-
Provisioning and Deprovisioning 3.63
-
Secure Coding Techniques 3.612
-
Code Quality and Testing 3.67
-
Virtualization 3.73
-
Virtualization Security 3.72
-
Cloud Deployment Models 3.74
-
Security in the Cloud 3.75
-
Resiliency and Automation 3.85
-
Redundancy, Fault Tolerance, and High Availability 3.812
-
Physical Security Controls 3.9 Part 110
-
Physical Security Controls 3.9 Part 213
-
AAA and Authentication 4.110
-
Identity and Access Service 4.28
-
PAP, CHAP, MS-CHAP 4.24
-
Federated Identities 4.25
-
Access Control Models 4.38
-
Access Control Technologies 4.38
-
Account Types 4.44
-
Account Management 4.49
-
Account Policy Enforcement 4.46
-
Agreement Types 5.17
-
Personnel Management 5.19
-
Role Based Awareness Training 5.17
-
General Security Policies 5.12
-
Business Impact Analysis 5.212
-
Risk Assessment 5.38
-
Incident Response Planning 5.45
-
Incident Response Process 5.410
-
Gathering Forensic Data 5.511
-
Using Forensics Data 5.53
-
Disaster Recovery Sites 5.63
-
Application Recovery 5.66
-
Geographic Considerations 5.64
-
Continuity of Operations 5.65
-
Security Controls 5.75
-
Data Destruction 5.85
-
Handling Sensitive Data 5.83
-
Data Roles and Retention 5.85
-
Cryptography Concepts 6.18
-
Symmetric and Asymmetric Encryption 6.14
-
Hashing and Digital Signatures 6.14
-
Randomizing Cryptography 6.13
-
Weak Encryption 6.14
-
Cryptographic Keys 6.14
-
Steganography 6.13
-
Stream and Block Ciphers 6.12
-
States of Data 6.13
-
Perfect Forward Secrecy 6.12
-
Common Cryptography Use Cases 6.13
-
Symmetric Algorithms 6.27
-
Block Cipher Modes 6.27
-
Asymmetric Algorithms 6.27
-
Hashing Algorithms 6.24
-
Key Stretching Algorithms 6.22
-
Obfuscation 6.25
-
Wireless Cryptographic Protocols 6.36
-
Wireless Security 6.34
-
PKI Components 6.410
-
PKI Concepts 6.47
-
Types of Certificates 6.48
-
Certificate File Formats 6.47
-
Ports & Protocols26
-
Important Acronyms Ch 6 Network Components21
-
Important Acronyms Chapter 713
-
Chapter 16 Resiliency and Automation Strategies7
-
CompTia Ports19
-
Exam Premium Practice Test A Review Cards5
