Certified Information Systems Security Professional (CISSP) — Question 229
A security architect is developing an information system for a client. One of the requirements is to deliver a platform that mitigates against common vulnerabilities and attacks. What is the MOST efficient option used to prevent buffer overflow attacks?
Answer options
- A. Access control mechanisms
- B. Process isolation
- C. Address Space Layout Randomization (ASLR)
- D. Processor states
Correct answer: C
Explanation
Address Space Layout Randomization (ASLR) is the most efficient method to prevent buffer overflow attacks as it randomizes the memory address space of a process, making it difficult for attackers to predict where their malicious code will reside. Access control mechanisms and process isolation can enhance security but do not directly address buffer overflows, while processor states are unrelated to mitigating such attacks.