Sherry is programming an online game and is trying to prevent security threats from being introduced into the game. She is also trying to prevent any kind of online cheating by searching for possible anomalies. Sherry especially wants to prevent cheating where a program or application is used to replace human reaction to produce superior results.
What category of online cheating is she most concerned about?
A. Authoritative clients
B. Reflex augmentation
C. Artificial intelligence intervention
D. Vector-time augmentation
Neil is almost finished developing a Web-based inventory-tracking application for a company he is working for under contract. Neil finds out that the company wants to pay him half of what they had agreed upon, so he is very angry. Neil decides to insert the following code into his application.
What is Neil trying to create here?
#include <stdio.h>
#include <string.h>
int main(int argc, char *argv[])
{
    char buffer[10];
    if (argc < 2)
    {
        fprintf(stderr, "USAGE: %s string\n", argv[0]);
        return 1;
    }
    strcpy(buffer, argv[1]);
    return 0;
}
A. UML malformed string
B. Format string bug
C. Buffer underflow
D. Buffer overflow
Heather has built a new Linux kernel for her machine and wants to use the grub boot loader. Which file should she edit to tell the computer how to boot up properly?
A. /boot/grub/menu.lst
B. /usr/src/linux/arch/i386/boot/menu.lst
C. /etc/dev/boot/menu.lst
D. /etc/boot/lilo.conf
Devon is writing the following code to avoid what?
A. Type safety
B. GET source code path
C. Parent path tampering
D. Canonicalization
Fred wants to create his web pages using AJAX to make them dynamic and give them the ability to use and share data. After an internal auditor examines the compliance of Fred's pages, he says that they cannot be used if external visitors will be accessing the pages.
Why would the auditor not let Fred publish the pages written with AJAX?
A. Users with Java enabled will not be able to read pages
B. Not supported in older browsers
C. Users with XML enabled will not be able to read pages
D. Not supported in newer browsers
Kevin wants to use an SSL certificate from his Mac OS X server so that he can send and receive encrypted email. What would Kevin accomplish by typing in the following command?
certtool c k=/Users/root/Library/Keychains/certkc
A. Remove any unnecessary permissions on the file "certkc"
B. Create keychain called "certkc"
C. Copy the root certificate of the server to the file "certkc"
D. Import encryption key into the file "certkc"
When making an RPC function call on the local machine, what function should be used?
A. ncacn_ip_tcp
B. lclrpc
C. ncalrpc
D. get_local_rpc
What type of authentication is used in the following Pocket SOAP code?
Dim Envelope
Dim HTTP
Set Envelope = CreateObject("PocketSOAP.Envelope.2")
Set HTTP = CreateObject("PocketSOAP.HTTPTransport.2")
Envelope.SetMethod "GetSome", "http://www.mysite.org/message/"
Envelope.Parameters.Create "SomeParameter", "SomeValue"
HTTP.SOAPAction = "http://www.mysite.org/action/Service.GetSome"
HTTP.Authentication "Username", "Password"
HTTP.Send "http://www.mysite.org/webservice.WDSL", Envelope.Serialize
Envelope.Parse HTTP
MsgBox "Result: " & Envelope.Parameters.Item(0).Value
A. Digest authentication
B. SSL authentication
C. Basic authentication
D. Integrated authentication
What vulnerability is the following code susceptible to?
CREATE OR REPLACE PROCEDURE demo (name IN VARCHAR2) AS
    cursor_name INTEGER;
    rows_processed INTEGER;
    sql VARCHAR2(150);
    code VARCHAR2(2);
BEGIN
    ...
    sql := 'SELECT postal_code FROM states WHERE state_name = '''
        || name || '''';
    cursor_name := DBMS_SQL.OPEN_CURSOR;
    DBMS_SQL.PARSE(cursor_name, sql, DBMS_SQL.NATIVE);
    DBMS_SQL.DEFINE_COLUMN(cursor_name, 1, code, 10);
    rows_processed := DBMS_SQL.EXECUTE(cursor_name);
    DBMS_SQL.CLOSE_CURSOR(cursor_name);
END;
A. SQL string manipulation
B. DBMS_Open string attacks
C. Oracle injection
D. SQL injection
What type of problem will result if the following statement is used?
#include <stdio.h>
int main()
{
    short int a;
    unsigned short int b = 32768;
    a = b;
    printf(" a = %d", a);
    b = 65535;
    a = b;
    printf(" a = %d", a);
    return 0;
}
A. Truncation
B. Pointer subterfuge
C. Sign error
D. Function-pointer clobbering