> dcontesti (Community Champion) mentioned you in a post! Join the conversation below:

>   So I like where you are going by bringing
> Privacy to the forefront for Security folks, however should the question be
> changed to list the actual laws.

Probably true. I'm not sure if I was serious about that DP question: it was more
that Gloria challenged me about writing one, and, once I had done it for the
presentation as a kind of discussion starter, it did seem like it illustrated how you
need to approach questions on the exam, so ...

>  With recent changes in privacy not all
> laws in the US support differential privacy. I am specifically thinking
> about CCPA and CPRA (which a number of states are following or copying) and
> more akin to GDPR than anything.

Yeah. However, for most of the prior US stuff, it does follow a pattern of being
more about disclosure than actual privacy.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
If we do not plant knowledge when young, it will give us no shade
when we are old. - Lord Chesterfield
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

Which one of the following accurately describes Ethernet transmissions?

 

a. Traffic is broadcast to all computers on the network segment.
b. Traffic originates from one location and is sent to a single destination.
c. Traffic is sent directly to the gateway router for forwarding.
d. Traffic is routed based on the system network communications architecture.

 

Answer: a.

 

Reference: IEEE 802.3 Standard
Network Security; Simmons; McGraw-Hill; 1997; pg 154.

 

Discussion:
Answer a - correct.
Answer b - wrong - would only be true if there were only 2 stations on the segment, otherwise all stations will see the traffic.
Answer c - wrong - a gateway router is not required to complete a transmission between two stations on the same segment.
Answer d - nonsensical.

(d). is wrong, the answer is (a) or (b).

> Startzc (Newcomer I) posted a new reply in Exams on 12-29-2020 02:46 PM in the

> Came across this question on a practice test that someone else recommended

With friends like that ...

> While agree with it
> technically, if the data processed is validated correctly and size limits are
> enforced, the amount of memory shouldn't be the cause (or the Why?). Thoughts?

First thought: it's a stupid and poorly written question.

Second thought: I'd go even further, and say that, technically, not even D is
correct. It isn't insufficient system memory, but insufficient memory allocation.

Third thought: I like your thought processes, and would say that you are
approaching questions correctly.

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
If you can't explain it simply ... you don't understand it well
enough. - Albert Einstein
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413

B was my choice, if that wasn't clear from my original comment.

 

Thanks, rslade. It wasn't a "friend;" but it is someone that I may have to work with in the future. So I will be very suspect of their decision making abilities and future recommendations. I've pretty much run through all the paid study material I have twice already, so I have been spending spare time doing any free practice tests that I come across, for my own benefit and to find things to share with colleagues.

 

I'm taking CISSP on the 12th and this thread has been really helpful in getting me out of my own head and into the right mindset for the test. You rock!

---

@Startzc wrote:

Came across this question on a practice test that someone else recommended, and was curious of your opinion on the answer and explanation it gives:

 

Why do buffers overflow?

(a) Because buffers can only hold so much data.
(b) Because input data is not checked for appropriate length at time of input.
(c) Because they are an easy weakness to exploit.
(d) Because of insufficient system memory.

 

Answer: (d) Buffer overflows are the most common type of DoS attack. Here, an attacker sends more data than the application's buffer can hold. When the amount of data exceeds the buffer size, the extra data overflows under the stack, often causing the application or the whole system to crash. In some cases, the data can be carefully crafted to include machine code that will execute when it overflows onto the stack.

 

########################

While agree with it technically, if the data processed is validated correctly and size limits are enforced, the amount of memory shouldn't be the cause (or the Why?). Thoughts?

---

So if we can define a buffer and buffer overflow as:

Buffers are areas of memory set aside to hold data, often while moving it from one section of a program to another, or between programs. Buffer overflows can often be triggered by malformed inputs; if one assumes all inputs will be smaller than a certain size and the buffer is created to be that size, then an anomalous transaction that produces more data could cause it to write past the end of the buffer. If this overwrites adjacent data or executable code, this may result in erratic program behavior, including memory access errors, incorrect results, and crashes.

Then D is incorrect because it is not the cause of the buffer overflow. It might be A cause, but not always THE cause. If we are just looking for a cause then A (per the answer provided and highlighted in bold above) and B are correct also.

C would be incorrect because it is not why a buffer overflows, just a possible attack vector. Even if it is a very popular attack vector it is not why a buffer overflows.

B is correct but it is not why the buffer overflows. Yes checking input length can prevent buffer overflows, but it is not why the buffer overflowed. Chicken and egg theory.

A is the most correct answer to me, even if poorly worded. The correct statement would be because buffers can only hold the amount of data they are allocated to hold.

 

So technically buffers overflow because more data is input than was allocated for, and answer a is the only answer that is 100% true. Answer B is a preventative measure and can eliminate A but per definition, A is still more correct. C is incorrect and D might cause an overflow but is not the cause of 100% of an overflow.

 

I agree with others that it is a horrible question.

> Startzc (Newcomer I) posted a new reply in Exams on 12-29-2020 03:42 PM in the

> You rock!

We does our 'umble best ...

====================== (quote inserted randomly by Pegasus Mailer)
rslade@gmail.com rmslade@outlook.com rslade@computercrime.org
If it were not for quotations, conversation between gentlemen
would consist of an endless succession of `what-ho's!
- P. G. Wodehouse
victoria.tc.ca/techrev/rms.htm http://twitter.com/rslade
http://blogs.securiteam.com/index.php/archives/author/p1/
https://community.isc2.org/t5/forums/recentpostspage/user-id/1324864413