312-92 Exam Details

  • Exam Code
    :312-92
  • Exam Name
    :EC-Council Certified Secure Programmer v2 (ECSP)
  • Certification
    :EC-COUNCIL Certifications
  • Vendor
    :EC-COUNCIL
  • Total Questions
    :99 Q&As
  • Last Updated
    :Jul 12, 2026

EC-COUNCIL 312-92 Online Questions & Answers

  • Question 61:

    Jacob just purchased the BlueFire Mobile Security Enterprise software package for all his company's mobile devices. Jacob wants to configure the software so that it will quarantine a device by blocking all incoming and outgoing network communication if a breach or violation has occurred.

    What feature of the BlueFire software will be able to accomplish this?

    A. Integrity manager
    B. Device isolation
    C. Mobile quarantine
    D. Veracity verifier

  • Question 62:

    Fred wants to create his web page using AJAX to make them dynamic and give them the ability to use and share data. After an internal auditor examines the compliance of Fred's page, he says that they cannot be used if external visitors will be accessing the pages.

    Why would the auditor not let Fred publish the pages written with AJAX?

    A. Users with Java enabled will not be able to read pages
    B. Not supported in older browsers
    C. Users with XML enabled will not be able to read pages
    D. Not supported in newer browsers

  • Question 63:

    Kevin wants to use an SSL certificate from his Mac OS X server so that he can send and receive encrypted email. What would Kevin accomplish by typing in the following command? certtool c k=/Users/root/Library/Keychains/certkc

    A. Remove any unnecessary permissions on the file "certkc"
    B. Create keychain called "certkc"
    C. Copy the root certificate of the server to the file "certkc"
    D. Import encryption key into the file "certkc"

  • Question 64:

    Peter is writing a program that has a GUI front-end and uses a MS SQL database as a backend. Peter's application will repeatedly update and call upon specific tables in the database on a regular basis. Peter wants to make sure that his program always has the ability to update the database and that no other calls or updates can touch the database tables used at the same time.

    How could Peter accomplish this in his application?

    A. Explicit lock
    B. SET TRANSACTION EXCLUSIVE
    C. SET TRANSACTION WRITE
    D. Implicit lock

  • Question 65:

    Devon is an applications developer that just got back from a conference on how to correctly write code. Devon has a number of programs he has written that access data across WAN links, so he is particularly concerned about their security. Devon writes a script in C++ to check the security of the programs running on his internal servers. What will the following code from Devon's script accomplish?

    #include #include #include

    using namespace std; bool tryPort(int p);

    string target("");

    int main(int argC, char *argV[])

    {

    printf("PlagueZ port scanner 0.1\n");

    int startPort = getInt("start Port: ");

    int endPort = getInt("end Port: ");

    target = getString("Host: ");

    printf("[Processing port %d to %d]\n",

    startPort, endPort);

    for(int i=0; i

    {

    printf("[Trying port: %d]\n", i);

    if(tryPort(i)) // port open

    printf("[Port %d is open]\n", i);

    }

    printf("------Scan Finished-------\n");

    system("pause");

    return 0;

    }

    bool tryPort(int p)

    {

    SocketClient *scan;

    try

    {

    scan = new SocketClient(target, p);

    }

    catch(int e) { delete andscan; return

    false; }

    delete andscan;

    return true;

    }

    A. Scan the perimeter firewall for DoS vulnerabilities
    B. Create socket connections to the remote sites to check their security
    C. Close off any ports used by malicious code
    D. Scan for open ports

  • Question 66:

    What vulnerability is the following code susceptible to?

    CREATE OR REPLACE PROCEDURE demo (name in VARCHAR2) as

    cursor_name INTEGER;

    rows_processed INTEGER;

    sql VARCHAR2(150);

    code VARCHAR2(2);

    BEGIN

    ...

    sql := 'SELECT postal_code FROM states WHERE state_name = '''

    || '''';

    cursor_name := dbms_sql.open_cursor;

    DBMS_SQL.PARSE(cursor_name, sql, DBMS_SQL.NATIVE);

    DBMS_SQL.DEFINE_COLUMN(cursor_name, 1, code, 10);

    row_processed:= DMBS_SQL.EXECUTIVE(cursor_name);

    DBMS_SQL.CLOSE_CURSOR(cursor_name);

    A. SQL string manipulation
    B. DBMS_Open string attacks
    C. Oracle injection
    D. SQL injection

  • Question 67:

    Neil is almost finished developing a Web-based inventorytracking application for a company he is working for under contract. Neil finds out that the company wants to pay him half of what they had agreed upon so he is very angry. Neil

    decides to insert the following code into his application.

    What is Neil trying to create here?

    #include

    #include

    int main(int argc, char *argv[])

    {

    char buffer[10];

    if (argc < 2)

    {

    fprintf(stderr, "USAGE: %s

    string\n", argv[0]);

    return 1;

    }

    strcpy(buffer, argv[1]);

    return 0;

    }

    A. UML malformed string
    B. Format string bug
    C. Buffer underflow
    D. Buffer overflow

  • Question 68:

    Julie wants to use some of the Security and Trust Services API's for a program she is writing that will work with mobile devices. Which SATSA security package should Julie use if she needs to support basic user-certificate management?

    A. javax.crypto.pki
    B. javax.microedition.crypto
    C. javax.microedition.pki
    D. javax.security.crypto

  • Question 69:

    What encryption algorithm is used by PERL crypt() function?

    A. Skipjack
    B. 3DES
    C. DES
    D. AES

  • Question 70:

    Fred is planning on using the windows socket application ClientApp.exe program to create a client-side application that his employees will use. This program will access backend programs from two different remote sites over WAN connections. If Fred does not make any modifications to the ClientApp.exe default settings, what port must he have the network engineer open in order for the application to communicate?

    A. 21
    B. 23
    C. 25
    D. 80

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-92 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.