Q. What is the Single-Step Interrupt used for in NuMega SoftICE?

View solution

Q. How does the program use the exception handler to detect whether SoftICE is running?

View solution

Q. What is the advantage of using the Single-Step Interrupt trick to detect SoftICE?

View solution

Q. What is the trap flag approach for detecting debuggers?

View solution

Q. What is the advantage of the trap flag approach?

View solution

Q. What is a limitation of the trap flag approach?

View solution

Q. What is the advantage of using code checksums as an antidebugging technique?

View solution

Q. How does the code checksum technique work as an antidebugging measure?

View solution

Q. What is the downside of using code checksums as an antidebugging technique?

View solution

Q. How can the use of code checksums be optimized to minimize the impact on program execution time?

View solution

Q. What is a potential consequence of modifying the program code to make it more difficult for reversers to understand the program flow?

View solution

Q. What is the strategy of confusing disassemblers as a means of preventing or inhibiting reversers?

View solution

Q. What is the difference between linear sweep and recursive traversal in disassembly?

View solution

Q. Which type of disassembler is more reliable and tolerant of antidisassembly tricks?

View solution

Q. Which of the following is NOT a potential effect of confusing disassemblers?

View solution

Q. What is an opaque predicate?

View solution

Q. What is the difference between linear sweep and recursive traversal disassemblers?

View solution

Q. Which disassemblers can properly disassemble code with opaque predicates?

View solution

Q. What is the purpose of the pseudorandom values in the macro?

View solution

Q. Why is the LINE macro used in the macro?

View solution