Non executable data pages


Explanation: Storage is divided into code segments that might be read or executed but not written and into data segments that might be read or written but not executed.

Vulnerabilities addressed: This element does not eliminate vulnerabilities in software; it does make it more difficult for the attacker to exploit them.

Developer resources required: Developer needs to organize code to take advantage of this structure and its supporting hardware mechanisms.

Evaluator resources required: Evaluator needs to review the use of mechanisms for assigning code and data to storage segments.