SEC204讲解、辅导Python/c++语言、辅导Computer Architecture、讲解Java程序
调试C/C++编程|解析H
SEC204 – Computer Architecture and Low Level Programming Referred Test
Buffer Overflow Vulnerabilities are well-known and understood software flaws, which could result in unexpected unauthorised program behaviour, or crash. Your task is to discuss which conditions can cause buffer overflow vulnerabilities, how they can be detected and prevented. You are also expected to consider the secure software development principles, with which one could avoid buffer overflow vulnerabilities.
You are to write a report entitled ‘Preventing and Detecting Buffer Overflows’, documenting the findings of your investigation. You are expected to support your claims with evidence from literature. You are also expected to write a one-page summary, in which you will summarise your findings and provide recommendations. Your mark will depend on the validity and justification of your answer as well as the depth of analysis.
The overall length of the individual report (excluding appendices) should not exceed 3,000 words. Relevant supporting information may be included as appendices if required.
The report that you present should be supported by appropriate evidence. Any such information that you present must be appropriately cited and referenced in your report – please use Harvard referencing style.
Although you will be expected to make use of printed and online literature in researching and producing your materials, it is not acceptable for you to simply copy and paste material from other sources (small quotes are acceptable, but they must be clearly indicated as being quotes and the source must be referenced appropriately).
Marking Criteria:
Executive Summary (10%)
Summarising the main findings of the report and making appropriate high-level recommendations for detecting and preventing buffer overflows. The executive summary should be addressed to a Chief Information Security Officer.
Introduction and Conclusion (10%)
In addition to introducing the significance of the topic, any assumptions should be stated. The conclusions should relate to the main report and summarise its main findings.
Background (30%)
Providing background information on how buffer overflow vulnerabilities work and the conditions required for their exploitation. Providing overview of existing detection and prevention approaches.
Discussion & Analysis (40%)
Providing further discussion on the effectiveness of existing detection and prevention mechanisms, as well as the extent to which relevant secure software development methodologies could help alleviate the problem.
Presentation, Structure & References (10%)
Is the report well-presented and structured? Is it readable? Does it elaborate and convey the intended points effectively? Does it make good use of graphs, tables, and images? Is the report supported by a wide set of references? Is the format correct and consistent? Are facts/figures/claims in the report supported by a suitable reference?
Threshold Criteria (these are indicative only):
To achieve a pass (40%+), you must demonstrate basic understanding of buffer overflow vulnerabilities and secure software development methodologies. You are expected to show basic understanding of buffer overflow detection and prevention mechanisms. Your report is expected to have a basic structure and evidence of literature supporting claims in the report.
To achieve a good pass (50%+), you must demonstrate good understanding of buffer overflow vulnerabilities and relevant secure software development methodologies. You are expected to show good understanding of buffer overflow detection and prevention mechanisms. Your report is expected to draw evidence from different sources, include citations, and provide elements of analysis and discussion. Clear conclusions should be made.
To achieve a merit mark (60%+), you must demonstrate very good understanding of buffer overflow vulnerabilities and relevant secure software development methodologies. You are expected to show very good understanding of buffer overflow detection and prevention mechanisms. Your report is expected to draw evidence from a wide range of different academically credible sources, include citations, and provide well-evidenced and justified analysis and discussion. Clear conclusions should be made.
To achieve a distinction mark (70%+), you must conduct a thorough, well-documented and well-justified review of the topic, highlighting key considerations in the detection and prevention of buffer overflow vulnerabilities. Clear conclusions should be made based on the discussion. Your report is expected to draw evidence from a wide range of different academically credible sources, and provide evidence in the form of citation for every claim it makes.