QUESTION: 1

John works as a C programmer. He develops the following C program:

#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.

A. SQL injection
B. Denial-of-Service
C. Buffer overflow
D. Cross site scripting

Answer(s): C
Explanation:
This program takes a user-supplied string and copies it into 'buffer1', which can hold up to 10 bytes
of data. If a user sends more than 10 bytes, it would result in a buffer overflow.

QUESTION: 2 DRAG DROP

Drag and drop the terms to match with their descriptions.

2