312-92 Exam Details

  • Exam Code
    :312-92
  • Exam Name
    :EC-Council Certified Secure Programmer v2 (ECSP)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :99 Q&As
  • Last Updated
    :Jul 12, 2026

EC-COUNCIL 312-92 Online Questions & Answers

  • Question 21:

    What testing methodology does not require any knowledge of the internal design or code of a software application?

    A. Integration testing
    B. White box testing
    C. Black box testing
    D. Unit testing

  • Question 22:

    What is defined as the practice of using selected process techniques to improve the quality of a software development effort?

    A. Software coding
    B. Systems life-cycle engineering
    C. Software engineering
    D. Business systems analysis

  • Question 23:

    If a developer wrote the following code, what would the script be vulnerable to?

    #include

    int main(int argc, char **argv)

    {

    int number = 5;

    printf(argv[1]);

    putchar('\n');

    printf("number (%p) is equal to %d\n", andvalue, value);

    }

    A. Buffer overflow
    B. Format string attack
    C. Query string manipulation
    D. SQL injection

  • Question 24:

    Jacob is the system administrator for his company, managing over 20 Linux-based servers.

    Jacob wants to ensure that his servers are secure so he decides to add the following line to the /etc/sysctl.conf file:

    net.ipv4.conf.all.rp_filter = 1

    What will this line accomplish?

    A. Prevent spoofing of incoming packets that appear to be from the computer's defaultgateway
    B. Prevent spoofing of incoming packets that appear to be from local machine
    C. Allow incoming packets only from own subnet
    D. Allow outgoing packets only through primary network card

  • Question 25:

    Gregory is a system administrator who oversees 15 Mac OS X servers for his company.

    Three of his servers are at remote sites, but they still need to replicate and communicate with the servers at the main office. Gregory wants to use SSL to protect the LDAP traffic between all servers for security. For this to work properly, what port must be opened on the firewalls so that the SSL LDAP traffic can pass through?

    A. 636
    B. 443
    C. 22
    D. 139

  • Question 26:

    Fred has just finished developing a number of ASP pages that will be posted to his company's website. Fred does not want the page's source code viewed by anyone, so he decided to encode the pages to make the source code unusable.

    What will the following command accomplish?

    screnc /e asp *.* c:\tmp

    A. Create an MD5 hash for all ASP files in the c:\tmp directory
    B. Encode all ASP files in current directory as ASP files and place them in the c:\tmpdirectory
    C. Encode all ASP files and place them in the c:\tmp directory
    D. Encode all ASP files in in the c:\tmp and place them in the default IIS virtual directory

  • Question 27:

    When dealing with IA32 (x86) systems, how are the inputted variables treated as they enter the memory stack?

    A. Cache for 30 seconds
    B. LIFO
    C. FIFO
    D. FCFS

  • Question 28:

    What would be the result of the following code?

    #include

    #include

    int main(int argc, char *argv[])

    {

    char *input=malloc(20);

    char *output=malloc(20);

    strcpy(output, "normal output");

    strcpy(input, argv[1]);

    printf("input at %p: %s\n", input, input);

    printf("output at %p: %s\n", output, output);

    printf("\n\n%s\n", output);

    }

    A. Stack buffer overflow
    B. Heap overflow
    C. Query string manipulation
    D. Pointer Subterfuge

  • Question 29:

    George is the CIO for the US Department of Defense. George's education and work experience cover everything from Systems Administration to developing complex software programs for the government. With many new federal regulations put forth by the US Department of Homeland Security, every single aspect of George's control must be secured and protected from attack. George is currently looking to purchase customized communications software for sending instant messages to branches of the DoD all over the world.

    What set of security standards should George ensure the software he purchases be developed under?

    A. Common Criteria
    B. ISO 199776
    C. Code Containment
    D. Code Access Security

  • Question 30:

    Megan has just build a new kernel using the command make bzImage. Where can Megan go now to see the newly created kernel?

    A. /etc/lino.conf
    B. /etc/dev/boot/bzImage
    C. /boot/mynewkernel/bzImage
    D. /usr/src/linux/arch/i386/boot/bzImage

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-92 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.