EC-Council Certified Secure Programmer (ECSP) v6.0

Exam contains 99 questions

What will the following ASP script accomplish on a webpage?
Response.CacheControl = "no-cache"
Response.AddHeader "Pragma", "no-cache"
Response.Expires = -1
if session("UID") = "" then
    Response.Redirect "Logon.asp"
    Response.End
end if

  • A. Redirect users to the logon page if they do not have a valid certificate
  • B. Logged on users will timeout after hour
  • C. Checks whether user has already logged on
  • D. Checks the user’s cache for personal information

Answer : C

Heather has built a new Linux kernel for her machine and wants to use the grub boot loader.
Which file should she edit to tell the computer how to boot up properly?

  • A. /boot/grub/menu.lst
  • B. /usr/src/linux/arch/i386/boot/menu.lst
  • C. /etc/dev/boot/menu.lst
  • D. /etc/boot/lilo.conf

Answer : A

Jonathan is creating an XML document and needs to sign data streams. In his code, Jonathan creates a signature node that is contained within the signed datastream. What type of signature signing has Jonathan employed here?

  • A. Enveloping
  • B. Attached
  • C. Detached
  • D. Enveloped

Answer : D

Victor is creating an online shopping cart for his company that will accept credit cards as payment. What protocol that provides open encryption and security specifications designed to protect credit card transactions should Victor use?

  • A. PET
  • B. DES
  • C. SET
  • D. GRAWP

Answer : C

What function can be used with SQL to encrypt user-supplied passwords so that they can be compared with the encrypted passwords stored on the SQL server?

  • A. DESpassword()
  • B. userencrypt()
  • C. passwordin()
  • D. pwdencrypt()

Answer : D

Carl just purchased an expensive smart phone to use for personal and business use. Carl wants to protect his investment so he decides to register the unique GSM number of the phone in case it is ever stolen. Which number should he have registered?

  • A. SIM card serial number
  • B. 15-digit IMEI number
  • C. Phone manufacturer’s serial number
  • D. Device’s phone number with country and area code

Answer : B

Paul wants to capture audit information on PLSQL so he executes the following command:
sqlplus sys / as sysdba
Enter password: password123!!!!
What privileges has Paul logged on with?

  • A. ADMIN
  • B. Root
  • D. SYS

Answer : C

George is writing an application in Java and is using DES in the code to implement the encryption and decryption of data that will be passed. In the following code snippet, what will be accomplished?
FileOutputStream out = new FileOutputStream

  • A. Convert the secret key to an array of bytes
  • B. Generate a secret TripleDES encryption key
  • C. Writes the raw key to a file
  • D. Send the raw key to a decryption output array

Answer : C

Charles is writing a script in PERL for a website he is working on. The only problem he is having is that part of his script needs to call a file that a normal user does not have permission to access. What PERL command could Charles use to elevate the current user's permission so that the file could be called?

  • A. Taint
  • B. Setuid
  • C. Strict pragma
  • D. Setid()

Answer : B

Devon is writing the following code to avoid what?
<script language="vb" runat="server">
Sub Application_BeginRequest(Sender as Object, E as EventArgs)
    If (Request.Path.IndexOf(chr(92)) >= 0 OR _
        System.IO.Path.GetFullPath(Request.PhysicalPath) <> Request.PhysicalPath) Then
        Throw New HttpException(404, "Not Found")
    End If
End Sub
</script>

  • A. Type safety
  • B. GET source code path
  • C. Parent path tampering
  • D. Canonicalization

Answer : D

Jacob just purchased the BlueFire Mobile Security Enterprise software package for all his company's mobile devices. Jacob wants to configure the software so that it will quarantine a device by blocking all incoming and outgoing network communication if a breach or violation has occurred. What feature of the BlueFire software will be able to accomplish this?

  • A. Integrity manager
  • B. Device isolation
  • C. Mobile quarantine
  • D. Veracity verifier

Answer : A

Simon is writing an application that will use RPC to talk between a client and server. He will use authentication, but in his application the server does not have to know the RPC caller's identity. What type of RPC authentication can Simon use for this application?

  • A. UNIX authentication
  • B. ANONYMOUS authentication
  • C. DES authentication
  • D. NULL authentication

Answer : B

What two encryption methods are used by the Secure Electronic Transaction system?

  • A. RSA
  • B. AES
  • C. DES
  • D. 3DES

Answer : A,C

Kevin is developing a webpage using html and javascript code. The webpage will have a lot of important content and will have a number of functions that Kevin does not want revealed through the source code. Why would Kevin choose to employ HTML Guardian to hide the source code of his webpage?

  • A. HTML Guardian disables the “view source” option when users browse to the page
  • B. HTML Guardian makes it so that nothing can be seen at all when viewing the source code
  • C. HTML Guardian wraps the code up into include files
  • D. HTML Guardian encrypts html and javascript code

Answer : D

Clay is a SQL DBA working for Integrated Solutions Inc., a graphics design company in Miami. Clay administers 10 SQL servers at the company's headquarters. Clay wants to ensure that all SQL traffic stays within the internal network and no SQL traffic from the outside can get into the internal network. What ports should Clay tell the network team to close off at the firewall to disallow all incoming and outgoing SQL traffic?

  • A. 1499
  • B. 1433
  • C. 389
  • D. 1434

Answer : B,D
