What kernel protection mechanism helps prevent hijacking functions and pieces of code from apps and using those apps and their permissions to perform malicious actions.
Choose an answer
Tap an option to check your answer.
Correct answer: CFI - Control Flow Integrity.
Why this is the answer
CFI (Control Flow Integrity) is the correct answer because it's a kernel protection mechanism designed to prevent attackers from hijacking the execution flow of an application. It ensures that the program's execution follows a predefined, valid path, making it difficult for attackers to inject and execute malicious code or reuse existing code for unintended purposes. PIE (Position Independent Executable) and ASLR (Address Space Layout Randomization) are related security features that make memory addresses unpredictable, hindering certain types of attacks, but they don't directly enforce control flow. SECComp (Secure Computing) is a Linux kernel feature that allows a process to restrict the system calls it can make, limiting its attack surface, but it doesn't specifically prevent control flow hijacking in the same way CFI does.
Pass your exam — without the endless answer hunt
Get every verified question and explanation for this exam in one place, and save hours of prep. 1,000+ certifications · 20+ languages · free to start.
Pass your exam faster → No card needed