Exam Details

  • Exam Code: 312-92
  • Exam Name: EC-Council Certified Secure Programmer v2
  • Certification: ECSP
  • Vendor: EC-COUNCIL
  • Total Questions: 99 Q&As
  • Last Updated: May 15, 2024

EC-COUNCIL ECSP 312-92 Questions & Answers

  • Question 91:

    What would be the result of the following code?

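    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>

    int main(int argc, char *argv[])
    {
        /* two separate 20-byte allocations */
        char *input = malloc(20);
        char *output = malloc(20);

        strcpy(output, "normal output");
        /* argv[1] is copied without any length check */
        strcpy(input, argv[1]);

        printf("input at %p: %s\n", (void *)input, input);
        printf("output at %p: %s\n", (void *)output, output);
        printf("\n\n%s\n", output);
    }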

    A. Stack buffer overflow

    B. Heap overflow

    C. Query string manipulation

    D. Pointer Subterfuge

  • Question 92:

    Which Linux command will securely delete a file by overwriting its contents?

    A. rm -rf /

    B. Shred

    C. ps -rm

    D. del -rm

  • Question 93:

    Shayla is designing a web-based application that will pass data to and from a company extranet. This data is very sensitive and must be protected at all costs. Shayla will use a digital certificate and a digital signature to protect the data. The digital signature she has chosen to use is based on the difficulty in computing discrete logarithms.

    Which digital signature has she chosen?

    A. Rabin

    B. Diffie-Hellman

    C. RSA-PSS

    D. ElGamal

  • Question 94:

    After learning from an external auditor that his code was susceptible to attack, George decided to rewrite some of his code to look like the following.

    What is George preventing by changing the code?

    public void doContent(...) {
        ...
        String s;
        if ((s = getUsernameByID("userid")) != null) {
            // encode the value before it is written into the response
            s = StringUtils.encodeToHTML(s, 50);
            response.write("Applicant:" + s + "");
        }
        ...
    }

    A. Query string manipulation

    B. XSS attack

    C. Cookie poisoning

    D. SQL injection

  • Question 95:

    Steve is using the libpcap library to create scripts for capturing and analyzing network traffic.

    Steve has never used libpcap before and is struggling to find the correct functions to use. Steve is trying to pick the default network interface in his script and does not know which function to use.

    Which function would he use to correctly choose the default interface in the script?

    A. pcap_open_live

    B. pcap_int_default

    C. pcap_lookupdev

    D. pcap_use_int

  • Question 96:

    Processes having the "CAP_NET_BIND_SERVICE" capability can listen on which ports?

    A. Any TCP port over 1024

    B. Any UDP port under 1024

    C. Any TCP port under 1024

    D. Any UDP port over 1024

  • Question 97:

    David is an applications developer working for Dewer and Sons law firm in Los Angeles. David just completed a course on writing secure code and was enlightened by all the intricacies of how code must be rewritten many times to ensure its security. David decides to go through all the applications he has written and change them to be more secure. David comes across the following snippet in one of his programs:

    #include <stdio.h>

    int main(int argc, char **argv)
    {
        int number = 5;

        /* argv[1] is passed directly as the format string */
        printf(argv[1]);
        putchar('\n');
        printf("number (%p) is equal to %d\n",
               (void *)&number, number);
    }

    What could David change, add, or delete to make this code more secure?

    A. Change putchar('\n') to putchar("%s", '\n')

    B. Change printf(argv[1]) to printf("%s", argv[1])

    C. Change printf(argv[1]) to printf(constv [0])

    D. Change int number = 5 to const number = ""

  • Question 98:

    What security package is implemented with the following code?

    dwStatus = DsMakeSpn
    (
        "ldap",
        "MyServer.Mydomain.com",
        NULL,
        0,
        NULL,
        &pcSpnLength,
        pszSpn
    );

    rpcStatus = RpcServerRegisterAuthInfo
    (
        pszSpn,
        RPC_C_AUTHN_GSS_NEGOTIATE,
        NULL,
        NULL
    );

    A. Diffie-Hellman encryption

    B. Repurposing

    C. SSPI

    D. SMDT

  • Question 99:

    Harold is programming an application that needs to incorporate data encryption. Harold decides to utilize an encryption algorithm that uses 4-bit working registers instead of the usual 2-bit working registers. What encryption algorithm has Harold decided to use?

    A. Blowfish

    B. RC5

    C. RC4

    D. RC6
