What testing methodology does not require any knowledge of the internal design or code of a software application?
A. Integration testingWhat is defined as the practice of using selected process techniques to improve the quality of a software development effort?
A. Software codingIf a developer wrote the following code, what would the script be vulnerable to?
#include
int main(int argc, char **argv)
{
int number = 5;
printf(argv[1]);
putchar('\n');
printf("number (%p) is equal to %d\n", andvalue, value);
}
A. Buffer overflowJacob is the system administrator for his company, managing over 20 Linux-based servers.
Jacob wants to ensure that his servers are secure so he decides to add the following line to the /etc/sysctl.conf file:
net.ipv4.conf.all.rp_filter = 1
What will this line accomplish?
A. Prevent spoofing of incoming packets that appear to be from the computer's defaultgatewayGregory is a system administrator who oversees 15 Mac OS X servers for his company.
Three of his servers are at remote sites, but they still need to replicate and communicate with the servers at the main office. Gregory wants to use SSL to protect the LDAP traffic between all servers for security. For this to work properly, what port must be opened on the firewalls so that the SSL LDAP traffic can pass through?
A. 636Fred has just finished developing a number of ASP pages that will be posted to his company's website. Fred does not want the page's source code viewed by anyone, so he decided to encode the pages to make the source code unusable.
What will the following command accomplish?
screnc /e asp *.* c:\tmp
A. Create an MD5 hash for all ASP files in the c:\tmp directoryWhen dealing with IA32 (x86) systems, how are the inputted variables treated as they enter the memory stack?
A. Cache for 30 secondsWhat would be the result of the following code?
#include
#include
int main(int argc, char *argv[])
{
char *input=malloc(20);
char *output=malloc(20);
strcpy(output, "normal output");
strcpy(input, argv[1]);
printf("input at %p: %s\n", input, input);
printf("output at %p: %s\n", output, output);
printf("\n\n%s\n", output);
}
A. Stack buffer overflowGeorge is the CIO for the US Department of Defense. George's education and work experience cover everything from Systems Administration to developing complex software programs for the government. With many new federal regulations put forth by the US Department of Homeland Security, every single aspect of George's control must be secured and protected from attack. George is currently looking to purchase customized communications software for sending instant messages to branches of the DoD all over the world.
What set of security standards should George ensure the software he purchases be developed under?
A. Common CriteriaMegan has just build a new kernel using the command make bzImage. Where can Megan go now to see the newly created kernel?
A. /etc/lino.confNowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-92 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.