CS 545 Midterm review || Graded A+.
EAX correct answers General purpose registers
ECX correct answers Iterator register
ESP correct answers Register that points to the top of the stack
EBP correct answers Register that points to the base of the stack
EDI correct answers Register that points to the Destination Address
EIP correct answers Register that point to the address of the next instruction address
ESI correct answers Register that points to the source address
EDX correct answers Often paired with EAX for extended precision in certain operations, such
as multiplication and division (where EDX:EAX is used to store results). Commonly holds data
used in input/output operations.
EBX (Base Register): correct answers Another general-purpose register.
Often used to hold base addresses for memory operations.
Sometimes serves as an extra register for arithmetic operations or data storage.
Reverse engineering correct answers Process of extracting knowledge
JZ instruction correct answers Jump if zero (look at zero flag)
, JNZ instruction correct answers Jump if not zero
JG instruction correct answers Jump if greater than
JL instruction correct answers Jump if less than
JGE instruction correct answers Jump if greater than or equal to
JLE instruction correct answers Jump if less than or equal to
LEA instruction correct answers Load effective address (Loads the address into a register)
Positives to reverse engineering? correct answers Malware detection
Measure strength of code
Learn from others
Interoperability
Negatives to reverse engineering correct answers Exploiting software
Circumventing protections
Text section correct answers The segment of the code where the actual executable instructions of
a program are stored. This section is typically marked as read-only, meaning that it cannot be
modified at runtime. The section contains the entry point of the program, usually defined by a
label (like _start or main).
Data section correct answers This section contains initialized global and static variables. Used
for long term storage.
EAX correct answers General purpose registers
ECX correct answers Iterator register
ESP correct answers Register that points to the top of the stack
EBP correct answers Register that points to the base of the stack
EDI correct answers Register that points to the Destination Address
EIP correct answers Register that point to the address of the next instruction address
ESI correct answers Register that points to the source address
EDX correct answers Often paired with EAX for extended precision in certain operations, such
as multiplication and division (where EDX:EAX is used to store results). Commonly holds data
used in input/output operations.
EBX (Base Register): correct answers Another general-purpose register.
Often used to hold base addresses for memory operations.
Sometimes serves as an extra register for arithmetic operations or data storage.
Reverse engineering correct answers Process of extracting knowledge
JZ instruction correct answers Jump if zero (look at zero flag)
, JNZ instruction correct answers Jump if not zero
JG instruction correct answers Jump if greater than
JL instruction correct answers Jump if less than
JGE instruction correct answers Jump if greater than or equal to
JLE instruction correct answers Jump if less than or equal to
LEA instruction correct answers Load effective address (Loads the address into a register)
Positives to reverse engineering? correct answers Malware detection
Measure strength of code
Learn from others
Interoperability
Negatives to reverse engineering correct answers Exploiting software
Circumventing protections
Text section correct answers The segment of the code where the actual executable instructions of
a program are stored. This section is typically marked as read-only, meaning that it cannot be
modified at runtime. The section contains the entry point of the program, usually defined by a
label (like _start or main).
Data section correct answers This section contains initialized global and static variables. Used
for long term storage.
