312-92 Dumps
312-92 Braindumps
312-92 Real Questions
312-92 Practice Test
312-92 Actual Questions
killexams.com EC-Council 312-92
EC-Council Certified Secure Programmer v2 (CSP)
https://killexams.com/pass4sure/exam-detail/312-92
Sideline diffusion
Backdoor diffusion
What type of authentication is used in the following Pocket SOAP code? Dim Envelope
Dim HTTP
Set Envelope = CreateObject("PocketSOAP.Envelope.2")
Set HTTP = CreateObject("PocketSOAP.HTTPTransport.2) Envelope.SetMethod "GetSome", "http://www.mysite.org/message/" Emvelope.Parameters.Create "SomeParameter", "SomeValue" HTTP.SOAPAction = "http://www.mysite.org/action/Service.GetSome" HTTP.Authentication "Username", "Password"
HTTP.Send http://www.mysite.org/webservice.WDSL",Envelope.Serialize Envelope.Parse HTTP
MsgBox "Result: " & Envelope.Parameters.Item(0).Value
A. Digest authentication
. SSL authentication
Basic authentication
Integrated authentication
What function can be used with SQL to encrypt user supplied-passwords to that they can be compared with the encrypted passwords stored on the SQL server?
pwdencrypt()
userencrypt()
DESpassword()
passwordin()
Darren has just been hired on as the SQL dba for Fredrickson Inc., a marketing firm in New York City. He has been asked to clearn up the SQL databases on one of the servers.
What SQL stored procedure could Darren use to remove user accounts from the databases?
sp_revokedbaccess
sp_revokeusers
sp_removeoldusers
sp_denyaccess
What encryption algorithm is used by PERL crypt() function?
Skipjack
3DES
DES
AES
Cylie is the Oracle DBA for her company and now wants to track all actions on her Oracle server using auditing. What file should Cylie insert the following line into? udit_trail = true
Sqlaudit.conf
audit.sql
init.ora
audit.sql
Travis is writing a website in PHP but is worried about its inherent vulnerability from session hijacking. What function could Travis use to protect against session hijacking in his PHP code?
Renew_session_id
PHP_id_renew
Create_newsession_id
Session_regenerate_id
What vulnerability is the following code susceptible to?
CREATE OR REPLACE PROCEDURE demo (name in VARCHAR2) as
cursor_name INTEGER; rows_processed INTEGER; sql VARCHAR2(150); code VARCHAR2(2);
BEGIN
...
sql := 'SELECT postal_code FROM states WHERE state_name = '''
|| '''';
cursor_name := dbms_sql.open_cursor; DBMS_SQL.PARSE(cursor_name, sql, DBMS_SQL.NATIVE); DBMS_SQL.DEFINE_COLUMN(cursor_name, 1, code, 10);
row_processed:= DMBS_SQL.EXECUTIVE(cursor_name); DBMS_SQL.CLOSE_CURSOR(cursor_name);
SQL string manipulation
DBMS_Open string attacks
Oracle injection
SQL injection
When dealing with IA32 (x86) systems, how are the inputted variables treated as they enter the memory stack?
Cache for 30 seconds
LIFO
FIFO
FCFS
William, a software developer just starting his career, was asked to create a website in PHP that would allow visitors to enter a month and a year for their birth date. The PHP code he creates has to validate the input after it is entered. If William uses the following code, what could a malicious user input to the year value to actually delete the whole website?
$month = $_GET['month'];
$year = $_GET['year'];
exec("cal $month $year", $result); print "<PRE>";
foreach($result as $r)
{
print "$r<BR>";
}
print "</PRE>";
";gf -rm *"
";dfr -php *"
";php -rf *"
";rm -rf *"
What type of encryption will be used from the following code? Dim Publickey As Byte() = {214,46,220,83,160,73,40,39,201 155,19,202,3,11,191,178,56,74,90,36,248,103,
18,144,170,163,145,87,54,61,34,220,222,207,
137,149,173,14,92,120,206,222,158,28,40,24,
30,16,175,108,128,35,203,118,40,121,113,125,
216,130,11,24,9,0,48,194,240,105,44,76,34,57,
249,228,125,80,38,9,136,29,117,207,139,168,181,
85,137,126,10,126,242,120,247,121,8,100,12,201,
171,38,226,193,180,190,117,177,87,143,242,213,
11,44,18,0,113,93,106,99,179,68,175,211,164,116,
64,148,226,254,172,147}
Dim Exponent As Byte() = {1,0,1}
Dim Encrypted SymmetricKey() As Byte Dim Encrypted SymmetricIV() As Byte
Dim RSA as New RSACryptoServiceProvider()
Dim RSAKeyInfo As New RSAParameters() RSAKeyInfo.Modules = PublicKey RSAKeyInfo.Exponent = Exponent RSA.ImportParameters(RSAKeyInfo)
Dim RM As New RijendaelManaged() EncryptedSymmetricKey = RSA.Encrypt(RM.Key,False) EncryptedSymmetricIV = RSA.Encrypt(RM.Key,False)
Symmetric encryption
MITM encryption
Reverse-key encryption
Asymmetric encryption
Peter is writing a program that has a GUI front-end and uses a MS SQL database as a backend. Peter's application will repeatedly update and call upon specific tables in the database on a regular basis. Peter wants to make sure that his program always has the ability to update the database and that no other calls or updates can touch the database tables used at the same time. How could Peter accomplish this in his application?
Explicit lock
SET TRANSACTION EXCLUSIVE
SET TRANSACTION WRITE
Implicit lock
Victor has completed writing his software application and is now working on error messages that will be displayed in case of any kind of failure or problem. He has written code that will display a op-up message where there is an error. He has also written code that explain the error that has occurred. What is the last aspect of error messages that Victor needs to create for his application?
Display exact code in application where erroroccurred
Suggest solution
Shut down application so no damage canoccur
Fix error in application
What type of problem will result if the following statement is used? int main()
{
short int a;
unsigned short int=b32768; a=b;
printf( " a = %d", a); b=65535;
a=b;
printf( " a = %d", a);
}
Truncation
Pointer subterfuge
Sign error
Function-pointer clobbering