Travis, a senior systems developer for YNY Services, received an email recently from an unknown source. Instead of opening the email on his normal production machine, Travis decides to copy the email to a thumb drive and examine it from
a quarantined PC not on the network. Travis examines the email and discovers a link that is supposed to take him to http://scarysite.com. Travis decides to get back on his production computer and examine the code of that site.
From the following code snippet, what has Travis discovered?
A. URL obfuscation
Kenny is the CIO for Fredrickson Entertainment, a gaming software company in Omaha. The developers in Kenny's company have just finished creating a 3D first person shooter game that will be released to the market within the next couple of months. Kenny is trying to decide what type of license or activation code structure they should use for the game to prevent piracy and protect their product. Kenny decides to go with an approach that will allow each sold copy to be activated online up to five times because he knows his users might have multiple PCs or might need to reinstall the product at some point.
What type of activation policy has Kenny decided to go with?
A. Loose license enforced - reasonable useWhen the following code is compiled and run is a program what size block will be used to hold name string?
#include
int main(int argc, char **argv)
{
char target[5]="TTTT";
char attacker[11]="AAAAAAAAAA";
strcpy(attacker, " DDDDDDDDDDDDDD");
printf("% \n", target);
return 0;
}
A. 16 bytesWhat is one of the dominant factors that lead to insecure programming?
A. No companies currently teach developers how to create secure programsWhat will the following ASP script accomplish on a webpage?
<%
Response.CacheControl = "no-cache"
Response.AddHeader "Pragma", "no-cache"
Response.Expires = -1
if session("UID")="" then
Response.Redirect "Logon.asp"
Response.End
end if
%>
A. Redirect users to the logon page if they do not have a valid certificateKyle is a web developer for Innovative Incorporated, a web development and graphics designing company in Dallas. Kyle is currently working on a web-based application for a client that wants dynamic and rich content on their site. Kyle is going to use java applets and flash animation to make the website really stand out. The client was adamant though about making sure the site used security features to ensure that the site itself and visitors alike would not have issues.
What Java security feature can Kyle use in the development of the site to add security?
A. SandboxWhat will the following SQL command accomplish? USE Accounting GO EXECUTE sp_grantdbaccess guest
A. Add guest user to the Accounting security groupWhat will the following command accomplish? c:\signtool12winnt\signtool -L -d a:\tmpcert:a:\cert
A. Save certificate to a temporary archive directoryLori is creating a login page using Java on one of her websites with the following code. What vulnerability or issue is the code susceptible to?
conn = pool.getConnection();
String sql = "select * from user where
username='" + "' and password='" + password +
"'";
stmt = conn.createstatement();
rs = stmt.executeQuery(sql);
if (rs.next())
{
loggedIn = true;
out.println("Successfully logged in");
}
else
{
out.println("Username and/or password not valid");
}
A. SQL injectionHarold is creating an Oracle Label Security Policy on his server. He has define the policy and defined the components of the labels already. Now Harold creates the labels dynamically using the TO_DATA_LABEL function:
INSERT INTO emp (ename, empnum, hr_label)
VALUES ('FGRIFFIN', 10 to_data_label ('HR', 'SENSITIVE'));
Harold gets an error reffering to permission when he tries to run this function. What authority must Harold have to run the TO_DATA_LABEL function?
A. EXECUTENowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only EC-COUNCIL exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your 312-92 exam preparations and EC-COUNCIL certification application, do not hesitate to visit our Vcedump.com to find your solutions here.