Written by students who passed Immediately available after payment Read online or as PDF Wrong document? Swap it for free 4.6 TrustPilot
logo-home
Previously searched by you
Previously searched by you
logo
  • CS
  • CS
To add items to your wishlist, you must be logged in
Exam (elaborations)

CS 4337 Exam 2 Review UPDATED QUESTIONS AND CORRECT ANSWERS

Rating
-
Sold
-
Pages
7
Grade
A+
Uploaded on
02-05-2026
Written in
2025/2026

CS 4337 Exam 2 Review UPDATED QUESTIONS AND CORRECT ANSWERS False The Same Origin Policy prevents XSS attacks if a browser implements it correctly. - CORRECT ANSWER Return-oriented programming may exploit a stack buffer overflow. - CORRECT ANSWER True Which of the following option leads to the portability and security of Java? - CORRECT ANSWER Bytecode is executed by JVM The server can trust cookie values in HTTP requests to be untampered since the cookies are set by the server. - CORRECT ANSWER False Which of the following is wrong about Java Byte Code Verifier? - CORRECT ANSWER Checks that the computer resources are available In return-oriented programming, a return from a hijacked function can not be controlled by the hijacker. - CORRECT ANSWER False In Control Flow Integrity (CFI), an in-line reference monitor is a rewriting of the program by inserting instructions to check whether the CFI property is maintained. - CORRECT ANSWER True A Web site that allows users to enter text, such as a comment or a name, and then stores it and later displays it to other users, is potentially vulnerable to a kind of attack what attack is it... - CORRECT ANSWER Cross-site scripting In hardware-enforced NX bit (non-executable bit) - CORRECT ANSWER executable regions The EIP can jump to In Control Flow Integrity (CFI), the detailed labeling method will allow a return from a function to any other function as long as it exists in the same program. - CORRECT ANSWER False

Show more Read less
Institution
CS
Course
CS

Content preview

CS 4337 Exam 2 Review UPDATED
QUESTIONS AND CORRECT ANSWERS
The Same Origin Policy prevents XSS attacks if a browser implements it correctly. - CORRECT
ANSWER False



Return-oriented programming may exploit a stack buffer overflow. - CORRECT
ANSWER True



Which of the following option leads to the portability and security of Java? - CORRECT
ANSWER Bytecode is executed by JVM



The server can trust cookie values in HTTP requests to be untampered since the cookies are set by the
server. - CORRECT ANSWER False



Which of the following is wrong about Java Byte Code Verifier? - CORRECT
ANSWER Checks that the computer resources are available



In return-oriented programming, a return from a hijacked function can not be controlled by the
hijacker. - CORRECT ANSWER False



In Control Flow Integrity (CFI), an in-line reference monitor is a rewriting of the program by inserting
instructions to check whether the CFI property is maintained. - CORRECT ANSWER True



A Web site that allows users to enter text, such as a comment or a name, and then stores it and later
displays it to other users, is potentially vulnerable to a kind of attack what attack is it... - CORRECT
ANSWER Cross-site scripting



In hardware-enforced NX bit (non-executable bit) - CORRECT ANSWER The EIP can jump to
executable regions



In Control Flow Integrity (CFI), the detailed labeling method will allow a return from a function to
any other function as long as it exists in the same program. - CORRECT ANSWER False

, Control flow integrity (CFI) is provided by the compiler and adds instrumentation into the binary
during compile time. - CORRECT ANSWER True



An attacker of return-oriented programming may overflow the buffer by - CORRECT
ANSWER appending one or more fake calling frames



Which of the following is a challenge in program behavior-based detection:



Determining the control flow graph of the program

Detecting deviations from the control flow graph of the program

All of the above - CORRECT ANSWER All of the above



Which of the following is not a Java feature?



Dynamic

Architecture Neutral

Use of pointers

Object-oriented - CORRECT ANSWER Use of pointers



Singed by an untrusted principal remote java code has very restricted access to computer resources. -
CORRECT ANSWER True



It determines what resources a class can access such as reading and writing to the local disk. -
CORRECT ANSWER Security Manager



Protection domains cannot be established by the class loader - CORRECT ANSWER False



Return-oriented programming may exploit shellcode or injected code - CORRECT
ANSWER False



Which of the following is not an example of an XSS attack? - CORRECT ANSWER DNS XSS
Report Copyright Violation

Written for

Institution
CS
Course
CS

Document information

Uploaded on
May 2, 2026
Number of pages
7
Written in
2025/2026
Type
Exam (elaborations)
Contains
Questions & answers

Subjects

  • cs 4337 exam
$11.49
Get access to the full document:
Wrong document? Swap it for free Within 14 days of purchase and before downloading, you can choose a different document. You can simply spend the amount again.
Written by students who passed
Immediately available after payment
Read online or as PDF
Get to know the seller
Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
STANFORDTOPGRADES
3.8
(8)

Get to know the seller

Seller avatar
Reputation scores are based on the amount of documents a seller has sold for a fee and the reviews they have received for those documents. There are three levels: Bronze, Silver and Gold. The better the reputation, the more your can rely on the quality of the sellers work.
STANFORDTOPGRADES Stanford University
View profile
Follow You need to be logged in order to follow users or courses
Sold
56
Member since
1 year
Number of followers
2
Documents
7115
Last sold
3 days ago
TOPSELLER

Hi there! I'm dedicated to sharing my high-quality study guides and helpful EXAM Materials to make your learning easier and more efficient. All my materials are well-organized and tailored to help you ace your courses. I offer genuine and dependable exam papers that are directly obtained from well-known, reputable institutions as a highly regarded professional who specializes in sourcing study materials. Kindly don't hesitate to contact me, my study guides, notes and exams or test banks, are 100% graded and fully guaranteed

Read more Read less
3.8

8 reviews

5
3
4
1
3
3
2
1
1
0

Why students choose Stuvia

Created by fellow students, verified by reviews

Quality you can trust: written by students who passed their tests and reviewed by others who've used these notes.

Didn't get what you expected? Choose another document

No worries! You can instantly pick a different document that better fits what you're looking for.

Pay as you like, start learning right away

No subscription, no commitments. Pay the way you're used to via credit card and download your PDF document instantly.

Student with book image

“Bought, downloaded, and aced it. It really can be that simple.”

Alisha Student

Working on your references?

Create accurate citations in APA, MLA and Harvard with our free citation generator.

Learn more Create citation
Working on your references?

Frequently asked questions