Certified Information Systems Security Professional – CISSP – Question319

Which of the following techniques BEST prevents buffer overflows?

A.
Boundary and perimeter offset
B. Character set encoding
C. Code auditing
D. Variant type and bit length

Correct Answer: B

Explanation:

Explanation: Some products installed on systems can also watch for input values that might result in buffer overflows, but the best countermeasure is proper programming. This means use bounds checking. If an input value is only sup-posed to be nine characters, then the application should only accept nine characters and no more. Some languages are more susceptible to buffer overflows than others, so programmers should understand these issues, use the right languages for the right purposes, and carry out code review to identify buffer overflow vulnerabilities.