312-92 Online Practice Questions and Answers

Processes having the "CAP_NET_BIND_SERVICE" can listen on which ports?

A. Any TCP port over 1024

B. Any UDP port under 1024

C. Any TCP port under 1024

D. Any UDP port over 1024

Sherry is programming an online game and is trying to prevent security threats from being introduced into the game. She is also trying to prevent any kind of online cheating by searching for possible anomalies. Sherry especially wants to prevent cheating where a program or application is used to replace human reaction to produce superior results.

What category of online cheating is she most concerned about?

A. Authoritative clients

B. Reflex augmentation

C. Artificial intelligence intervention

D. Vector-time augmentation

Kyle is a web developer for Innovative Incorporated, a web development and graphics designing company in Dallas. Kyle is currently working on a web-based application for a client that wants dynamic and rich content on their site. Kyle is going to use java applets and flash animation to make the website really stand out. The client was adamant though about making sure the site used security features to ensure that the site itself and visitors alike would not have issues.

What Java security feature can Kyle use in the development of the site to add security?

A. Sandbox

B. JavaScan

C. Java quarantine

D. Limbo

Victor is creating an online shopping cart for his company that will accept credit cards as payment.

What protocol that provides open encryption and security specifications designed to protect credit card transactions should Victor use?

A. PET

B. DES

C. SET

D. GRAWP

Charles is writing a script in PERL for a website he is working on. The only problem he is having is that part of his script needs to call a file that a normal user does not have permission to access. What PERL command could Charles use to elevate the current user's permission so that the file could be called?

A. Taint

B. Setuid

C. Strict pragma

D. Setid()

Clay is a SQL dba working for Integrated Solutions Inc., a graphics design company in Miami. Clay administers 10 SQL servers at the company's headquarters. Clay wants to ensure that all SQL traffic stays within the internal network and no SQL traffic from the outside can get into the internal network.

What ports should Clay tell the network team to close off at the firewall to disallow all incoming and outgoing SQL traffic?

A. 1499

B. 1433

C. 389

D. 1434

Why would a software development firm want to fix any issues with a program at the design stage as opposed to fixing issues with a program through a patch release?

A. Releasing a patch costs 25 times as much as fixing the issue in the design stage

B. Releasing a patch costs 5 times as much as fixing the issue in the design stage

C. Releasing a patch is actually the most efficient and cost effective way of solving issues

D. Releasing a patch costs 60 times as much as fixing the issue in the design stage

When the following code is compiled and run is a program what size block will be used to hold name string?

#include

int main(int argc, char **argv)

{

char target[5]="TTTT";

char attacker[11]="AAAAAAAAAA";

strcpy(attacker, " DDDDDDDDDDDDDD");

printf("% \n", target);

return 0;

}

A. 16 bytes

B. 28 bytes

C. 32 bytes

D. 8 bytes

Carl is writing cgi-bin scripts in PERL for some web pages. He is concerned about malicious users trying to exploit the site and/or the cgi-sripts. If Carl uses the following code, what will he be able to prevent? $filename =~ s/[^A-Za-z0-9_-.//g

A. Dangerous input expression

B. Algorihmic complexity attacks

C. XSS attack

D. Insecure environmental variables

What function can be used with SQL to encrypt user supplied-passwords to that they can be compared with the encrypted passwords stored on the SQL server?

A. pwdencrypt()

B. userencrypt()

C. DESpassword()

D. passwordin()