Valid CAS-005 dumps shared by EduDump.com to help you pass the CAS-005 exam. EduDump.com now offers the newest CAS-005 exam dumps; the exam questions have been updated and the answers corrected.
A security architect examines a section of code and discovers the following:

    char username[20]
    char password[20]
    gets(username)
    checkUserExists(username)

Which of the following changes should the security architect require before approving the code for release?
Correct Answer: C
The use of gets() allows an attacker to overflow the 20-byte username buffer by entering more data than it can hold. Enforcing a 20-character limit (for example, by switching to fgets(username, sizeof(username), stdin)) prevents buffer overruns and eliminates this class of vulnerability.
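A bounded replacement for the gets() call, as an added example that is not part of the original question. The helper name read_field and the FIELD_LEN constant are hypothetical. Beyond the fgets() switch named above, it rejects over-long lines and drains them, so the excess is not silently consumed by the next read (for instance, as the password).

```c
#include <stdio.h>
#include <string.h>

#define FIELD_LEN 20   /* matches char username[20] in the question */

/* Hypothetical helper: read one line from `in` into buf (capacity `size`).
 * Returns 0 on success, -1 on EOF or read error, -2 if the line is too long.
 * A too-long line is discarded up to its newline and buf is emptied. */
int read_field(FILE *in, char *buf, size_t size)
{
    if (size == 0 || fgets(buf, (int)size, in) == NULL)
        return -1;

    size_t len = strcspn(buf, "\n");
    if (buf[len] == '\n') {           /* whole line fit: strip the newline */
        buf[len] = '\0';
        return 0;
    }

    /* No newline stored: the line ended at EOF, filled the buffer exactly,
     * or was truncated. Peek at the next character to tell these apart. */
    int c = fgetc(in);
    if (c == EOF || c == '\n')
        return 0;

    while (c != EOF && c != '\n')     /* truncated: drain the remainder */
        c = fgetc(in);
    buf[0] = '\0';
    return -2;
}

int main(void)
{
    char username[FIELD_LEN];
    char password[FIELD_LEN];

    if (read_field(stdin, username, sizeof username) != 0 ||
        read_field(stdin, password, sizeof password) != 0) {
        fputs("invalid input\n", stderr);
        return 1;
    }
    /* The question's checkUserExists(username) call would follow here. */
    printf("username accepted (%zu chars)\n", strlen(username));
    return 0;
}
```

Because fgets() reserves one byte for the terminating NUL, a 20-byte buffer holds at most 19 input characters.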