Exam Details

  • Exam Code: 312-92
  • Exam Name: EC-Council Certified Secure Programmer v2
  • Certification: ECSP
  • Vendor: EC-COUNCIL
  • Total Questions: 99 Q&As
  • Last Updated: May 15, 2024

EC-COUNCIL ECSP 312-92 Questions & Answers

  • Question 11:

    Travis is writing a website in PHP but is worried about its inherent vulnerability from session hijacking. What function could Travis use to protect against session hijacking in his PHP code?

    A. Renew_session_id

    B. PHP_id_renew

    C. Create_newsession_id

    D. Session_regenerate_id

  • Question 12:

    What type of authentication is used in the following Pocket SOAP code?

    Dim Envelope
    Dim HTTP
    Set Envelope = CreateObject("PocketSOAP.Envelope.2")
    Set HTTP = CreateObject("PocketSOAP.HTTPTransport.2")
    Envelope.SetMethod "GetSome", "http://www.mysite.org/message/"
    Envelope.Parameters.Create "SomeParameter", "SomeValue"
    HTTP.SOAPAction = "http://www.mysite.org/action/Service.GetSome"
    HTTP.Authentication "Username", "Password"
    HTTP.Send "http://www.mysite.org/webservice.WDSL", Envelope.Serialize
    Envelope.Parse HTTP
    MsgBox "Result: " & Envelope.Parameters.Item(0).Value

    A. Digest authentication

    B. SSL authentication

    C. Basic authentication

    D. Integrated authentication

  • Question 13:

    What function can be used with SQL to encrypt user-supplied passwords so that they can be compared with the encrypted passwords stored on the SQL server?

    A. pwdencrypt()

    B. userencrypt()

    C. DESpassword()

    D. passwordin()

  • Question 14:

    What could a developer using Apple's Cocoa accomplish by using the following script?

    NSURL *myURL = [NSURL URLWithString:@"http://www.apple.com/"];
    NSData *urlContents = [myURL resourceDataUsingCache:YES];
    if ([urlContents writeToFile:[@"~/Documents/applewebsite.html"
            stringByExpandingTildeInPath]
            atomically:YES])
    {
        // It was successful, do stuff here
    } else {
        // There was a problem writing the file
    }

    A. Download files

    B. Write code to the applewebsite.html page

    C. Load the contents of www.apple.com to the local cache

    D. Check www.apple.com for vulnerabilities

  • Question 15:

    What is one of the dominant factors that lead to insecure programming?

    A. No companies currently teach developers how to create secure programs

    B. Secure programming is not seen as a priority by any corporation

    C. Security is not usually a skill possessed by programmers or developers

    D. Secure programming is seen as too costly and time consuming by corporations

  • Question 16:

    Although software companies despise software piracy, they often realize that illegal release of their product parallel to the legal release can actually increase the item's user base. These illegal versions of the software can oftentimes increase actual legal buyers.

    What is this process called where illegal copies are released to the public along with the legal versions?

    A. Shadow diffusion

    B. Brigand diffusion

    C. Sideline diffusion

    D. Backdoor diffusion

  • Question 17:

    If a developer wrote the following code, what would the script be vulnerable to?

    #include <stdio.h>

    int main(int argc, char **argv)
    {
        int number = 5;
        printf(argv[1]);
        putchar('\n');
        printf("number (%p) is equal to %d\n", &number, number);
    }

    A. Buffer overflow

    B. Format string attack

    C. Query string manipulation

    D. SQL injection

  • Question 18:

    Harold is writing a client-side socket program that will create a TCP connection to a remote server to retrieve data. What function should Harold use to create this connection?

    A. SOCK_SRVADR

    B. SOCK_TCP

    C. SOCK_DGRAM

    D. SOCK_STREAM

  • Question 19:

    Carl is writing cgi-bin scripts in Perl for some web pages. He is concerned about malicious users trying to exploit the site and/or the cgi-scripts. If Carl uses the following code, what will he be able to prevent?

    $filename =~ s/[^A-Za-z0-9_.-]//g;

    A. Dangerous input expression

    B. Algorithmic complexity attacks

    C. XSS attack

    D. Insecure environmental variables

  • Question 20:

    Gregory is a system administrator who oversees 15 Mac OS X servers for his company. Three of his servers are at remote sites, but they still need to replicate and communicate with the servers at the main office. Gregory wants to use SSL to protect the LDAP traffic between all servers for security. For this to work properly, what port must be opened on the firewalls so that the SSL LDAP traffic can pass through?

    A. 636

    B. 443

    C. 22

    D. 139
