CompTIA Security+ (SY0-501) — Question 965

A software developer is concerned about DLL hijacking in an application being written. Which of the following is the MOST viable mitigation measure of this type of attack?

Answer options

• A. The DLL of each application should be set individually
• B. All calls to different DLLs should be hard-coded in the application
• C. Access to DLLs from the Windows registry should be disabled
• D. The affected DLLs should be renamed to avoid future hijacking

Correct answer: B

Explanation

Hard-coding all calls to different DLLs ensures that the application uses the specific versions of the DLLs it was designed with, mitigating the risk of DLL hijacking. The other options do not provide the same level of protection; for instance, setting DLLs individually or renaming them does not guarantee that the correct DLL will be used, while disabling registry access is not a common practice for this type of mitigation.