Page 1569 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 1569
Chapter 21: Malicious Code and Application
Attacks
1. A. Signature detection mechanisms use known descriptions of
viruses to identify malicious code resident on a system.
2. B. The DMZ (demilitarized zone) is designed to house systems like
web servers that must be accessible from both the internal and
external networks.
3. B. The time of check to time of use (TOCTOU) attack relies on the
timing of the execution of two events.
4. A. While an advanced persistent threat (APT) may leverage any of
these attacks, they are most closely associated with zero-day
attacks.
5. A. In an attempt to avoid detection by signature-based antivirus
software packages, polymorphic viruses modify their own code
each time they infect a system.
6. A. LastPass is a tool that allows users to create unique, strong
passwords for each service they use without the burden of
memorizing them all.
7. D. Buffer overflow attacks allow an attacker to modify the contents
of a system’s memory by writing beyond the space allocated for a
variable.
8. D. Except option D, the choices are forms of common words that
might be found during a dictionary attack. mike is a name and
would be easily detected. elppa is simply apple spelled backward,
and dayorange combines two dictionary words. Crack and other
utilities can easily see through these “sneaky” techniques. Option D
is simply a random string of characters that a dictionary attack
would not uncover.
9. B. Salting passwords adds a random value to the password prior to
hashing, making it impractical to construct a rainbow table of all
