Asg4-sftwrsec and bof (1)

School: Kennesaw State University
Course: 4823
Subject: Computer Science
Date: Feb 20, 2024

Assignment #4 Software Security / Buffer Overflow Concepts

Software Security [60 points]

Below is a list of Application Security tools. Research 2 tools of your choice from the list below, or you may choose another.

  • Rapid7
  • Veracode
  • Rencore
  • White Hat Security
  • Arachni
  • Wapiti
  • W3af
  • Checkmarx

1. Document what the tool can do in relation to typical software security vulnerabilities [25 points x 2].

Example way to present data:

1. Tool 1
   a. Overview
   b. Vulnerabilities identified
   c. Languages, tools, etc. supported
   d. Costs
   e. Other advantages or disadvantages
2. Tool 2
   a. Overview
   b. Vulnerabilities identified
   c. Languages, tools, etc. supported
   d. Costs
   e. Other advantages or disadvantages

Which would you recommend of the two and why? [10 points]

Buffer Overflow [40 points]

Question 1: Draw and explain a function stack frame for the following C function, similar to slides 12-15 in the teaching materials. [20 points]

    main ()
    {
        int value;
        value = bof ("12345678910");
    }

    int bof (char *str)
    {
        char buffer [10];
        strcpy (buffer, str);
        return 1;
    }

Answer:

Question 2: Is the following code segment safe? Explain why or why not. [10 points]

    int bof (char *str, int size)
    {
        char *buffer = (char *) malloc (size);
        strcpy (buffer, str);
        return 1;
    }

Notes: malloc is a C library function that allocates space of a specific size.

Question 3: Why does ASLR make buffer-overflow attacks more difficult? [10 points]
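For the heap-allocating function in Question 2, the following is an added example (not part of the assignment or its teaching materials) of a bounds-checked variant. The name bof_checked and its return codes are assumptions made for illustration. strcpy copies strlen(str) + 1 bytes regardless of the size passed to malloc, so the length check has to happen before the copy.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical hardened variant of the Question 2 function.
 * Returns  1 if str (terminator included) fits in size bytes and was copied,
 *          0 if it does not fit (copy refused),
 *         -1 on bad arguments or allocation failure. */
int bof_checked(const char *str, size_t size)
{
    if (str == NULL || size == 0)
        return -1;

    /* Look for the NUL terminator within the first size bytes only.
     * memchr stops at the first match, so it never reads past the end
     * of a properly terminated string. */
    const char *nul = memchr(str, '\0', size);
    if (nul == NULL)
        return 0;                      /* needs more than size bytes: reject */
    size_t len = (size_t)(nul - str);  /* string length, terminator excluded */

    char *buffer = malloc(size);
    if (buffer == NULL)                /* the original never checks this */
        return -1;

    memcpy(buffer, str, len + 1);      /* bounded copy, terminator included */
    int ok = (strcmp(buffer, str) == 0);
    free(buffer);                      /* the original also leaks the buffer */
    return ok;
}

int main(void)
{
    /* Constructed input, same literal as Question 1: 11 chars + NUL = 12 bytes */
    const char *input = "12345678910";
    printf("size 10 -> %d\n", bof_checked(input, 10));
    printf("size 11 -> %d\n", bof_checked(input, 11));
    printf("size 12 -> %d\n", bof_checked(input, 12));
    return 0;
}
```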