Certified Information Systems Security Professional (CISSP) — Question 166

Which mechanism provides the BEST protection against buffer overflow attacks in memory?

Answer options

• A. Address Space Layout Randomization (ASLR)
• B. Memory management unit
• C. Stack and heap allocation
• D. Dynamic random access memory (DRAM)

Correct answer: A

Explanation

Address Space Layout Randomization (ASLR) is effective because it randomizes the memory addresses used by system and application processes, making it difficult for attackers to predict where to inject malicious code. The other options, while related to memory management, do not specifically address the vulnerabilities associated with buffer overflows, thus providing less protection.