CompTIA CASP+ (CAS-003) — Question 34

A company is developing requirements for a customized OS build that will be used in an embedded environment. The company procured hardware that is capable of reducing the likelihood of successful buffer overruns while executables are processing. Which of the following capabilities must be included for the OS to take advantage of this critical hardware-based countermeasure?

Answer options

• A. Application whitelisting
• B. NX/XN bit
• C. ASLR
• D. TrustZone
• E. SCP

Correct answer: B

Explanation

The NX/XN bit is a crucial feature that allows the operating system to mark memory regions as non-executable, thereby preventing code from being run from those areas and reducing buffer overflow vulnerabilities. Other options, while beneficial for security, do not directly utilize the specific hardware capabilities mentioned to prevent buffer overruns.