As a software developer, you are aware that various generations of programming languages have different features. Which of the following is most vulnerable to buffer overflow attacks? (Wentz QOTD)
A. Client-based applications using C
B. Server-based applications using C#
C. Data-centric applications using Java
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is A. Client-based applications using C.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
Buffer overflows may happen in managed applications. However, they are typically well-managed by the runtime or sandbox. C applications manage memory by themselves; they are more vulnerable to buffer overflow attacks.
作為軟件開發人員，您知道不同代的編程語言具有不同的特性。 以下哪一項最容易受到緩衝區溢出攻擊？ (Wentz QOTD)
A. 使用 C 的基於客戶端的應用程序
B. 使用 C# 的基於服務器的應用程序
C. 使用 Java 的以數據為中心的應用程序