Eccouncil 312-96 Exam Questions Instant Access

Question 1

Identify the type of attack depicted in the following figure.

ASQL Injection Attacks

BSession Fixation Attack

CParameter Tampering Attack

DDenial-of-Service Attack

Answer : C

Question 2

Which of the following can be derived from abuse cases to elicit security requirements for software system?

AMisuse cases

BData flow diagram

CUse cases

DSecurity use cases

Answer : D

Question 3

In which phase of secure development lifecycle the threat modeling is performed?

ACoding phase

BTesting phase

CDeployment phase

DDesign phase

Answer : D

Question 4

The software developer has implemented encryption in the code as shown in the following screenshot.

However, using the DES algorithm for encryption is considered to be an insecure coding practice as DES is a weak encryption algorithm. Which of the following symmetric encryption algorithms will you suggest for strong encryption?

AMD5

BSHA-1

CTriple DES

DAES

Answer : D

Question 5

Which of the following elements in web.xml file ensures that cookies will be transmitted over an encrypted channel?

A< connector lsSSLEnabled='Yes' / >

B< connector EnableSSL='true' / >

C< connector SSLEnabled='false' / >

D< connector SSLEnabled='true' / >

Answer : D

Question 6

Which of the following method will help you check if DEBUG level is enabled?

AisDebugEnabled()

BEnableDebug ()

CIsEnableDebug ()

DDebugEnabled()

Answer : A

Question 7

Which of the following relationship is used to describe abuse case scenarios?

AInclude Relationship

BThreatens Relationship

CExtend Relationship

DMitigates Relationship

Answer : B

Eccouncil Certified Application Security Engineer (CASE) JAVA 312-96 Exam Questions