CompTIA CASP+ (CAS-004) — Question 327

A security team is concerned with attacks that are taking advantage of return-oriented programming against the company's public-facing applications. Which of the following should the company implement on the public-facing servers?

Answer options

• A. IDS
• B. ASLR
• C. TPM
• D. HSM

Correct answer: B

Explanation

The correct answer is B, ASLR (Address Space Layout Randomization), which helps mitigate return-oriented programming attacks by randomizing memory address locations. The other options, such as IDS (A), TPM (C), and HSM (D), do not specifically address the vulnerabilities associated with return-oriented programming.