EC-Council Certified Secure Programmer v2

 EC-Council Certified Secure Programmer v2
QUESTION 1 Harold is programming an application that needs to be incorporate data encryption. Harold decides to utilize an encryption algorithm that uses 4-bit working registers instead of the usual 2- bit working registers. What encryption algorithm has Harold decided to use? A. Blowfish B. RC5 C. RC4 D. RC6 Answer: D QUESTION 2 What security package is implemented with the following code? dwStatus = DsMakSpn ( "ldap", "MyServer.Mydomain.com", NULL, 0, NULL, &pcSpnLength, pszSpn ); rpcStatus = RpcServerRegisterAuthInfo ( psz RPC_C_AUTHN_GSS_NEGOTIATE, NULL, NULL ); A. Diffie-Hellman encryption B. Repurposing C. SSPI D. SMDT Answer: A QUESTION 3 Steve is using the libcap library to create scripts for capturing and analyzing network traffic. Steve has never used libcap before and is struggling with finding out the correct functions to use. Steve is trying to pick the default network interface in his script and does not know which function to use. Which function would he use to correctly choose the default interface in the script? A. pcap_open_live B. pcap_int_default C. pcap_lookupdev D. pcap_use_int Answer: C QUESTION 4 Processes having the "CAP_NET_BIND_SERVICE" can listen on which ports? A. Any TCP port over 1024 B. Any UDP port under 1024 C. Any TCP port under 1024 D. Any UDP port over 1024 Answer: C QUESTION 5 David is an applications developer working for Dewer and Sons law firm in Los Angeles David just completed a course on writing secure code and was enlightened by all the intricacies of how code must be rewritten many times to ensure its security. David decides to go through all the applications he has written and change them to be more secure. David comes across the following snippet in one of his programs: #include <stdio.h> int main(int argc, char **argv) { int number = 5; printf(argv[1]); putchar(`\n'); printf("number (%p) is equal to %d\n", &value, value); } What could David change, add, or delete to make this code more secure? A. Change putchar(`\n') to putchar("%s", `\n') B. Change printf(argv[1]) to printf("%s", argv[1]) C. Change printf(argv[1]) to printf(constv [0]) D. Change int number = 5 to const number = "" Answer: B QUESTION 6 Which Linux command will securely delete a file by overwriting its contents? A. rm -rf / B. Shred C. ps -rm D. del -rm Answer: B QUESTION 7 Shayla is designing a web-based application that will pass data to and from a company extranet. This data is very sensitive and must be protected at all costs. Shayla will use a digital certificate and a digital signature to protect the data. The digital signature she has chosen to use is based on the difficulty in computing discrete logarithms. Which digital signature has she chosen? A. Rabin B. Diffie-Hellman C. SA-PSS D. ElGamal Answer: D QUESTION 8 After learning from an external auditor that his code was susceptible to attack, George decided to rewrite some of his code to look like the following. What is George preventing by changing the code? public voif doContent(...) { ... String s; if ((s = getUsernameByID("userid")) != null) { s = StringUtils.encodeToHTML(s, 50); response.write("<br>Applicant:<u>" + s + "</u>"); } ... } A. Query string manipulation B. XSS attack C. Cookie poisoning D. SQL injection Answer: B QUESTION 9 Fred is planning on using the windows socket application ClientApp.exe program to create a client-side application that his employees will use. This program will access backend programs from two different remote sites over WAN connections. If Fred does not make any modifications to the ClientApp.exe default settings, what port must he have the network engineer open in order for the application to communicate? A. 21 B. 23 C. 25 D. 80 Answer: D QUESTION 10 What would be the result of the following code? #include <stdio.h> #include <stdlib.h> int main(int argc, char *argv[]) { char *input=malloc(20); char *output=malloc(20); strcpy(output, "normal output"); strcpy(input, argv[1]); printf("input at %p: %s\n", input, input); printf("output at %p: %s\n", output, output); printf("\n\n%s\n", output); } A. Stack buffer overflow B. Heap overflow C. Query string manipulation D. Pointer Subterfuge Answer: B

Write a review

Note: HTML is not translated!
    Bad           Good
Captcha
  • Vendor: ECCouncil
  • Exam Code: 312-92
  • Total Questions: 99
  • Update Time: 2017-10-30
  • Availability: In Stock
  • $39.00

Available Formats

Tags: ec-council, certified, secure, programmer, 312-92