EC-COUNCIL 312-92 Actual Free Exam Questions & Community Discussion

  • Exam Code/Number: 312-92
  • Exam Name/Title: EC-Council Certified Secure Programmer v2
  • Certification Provider: EC-COUNCIL
  • Corresponding Certification: ECSP
  • Exam Questions: 99
  • Updated On: Jul 08, 2026
John is creating a website using ASP. John's web pages will have a number of calculations, so he decides to create an include file that the pages will call so he does not have to rewrite the formula numerous times. John's website will be hosted by a server running IIS. John wants to ensure that the include source code is not revealed when the pages are viewed, so he gives the include an .asp extension.
When IIS processes the include file, which system file will be used to hide the include source code?
Correct Answer: B Vote an answer
Harold is writing a client-side socket program that will create a TCP connection to a remote server to retrieve data. What function should Harold use to create this connection?
Correct Answer: A Vote an answer
David is a developer that has created an application using the secure RPC protocol. Before anyone can actually use the program, where must David add entries for the users so that they can gain access?
Correct Answer: C Vote an answer
What functionality of the Oracle Identity Management system facilitates real-time integration of multiple directories and user repositories through a single LDAP service?
Correct Answer: D Vote an answer
What function can be used with SQL to encrypt user suppliedpasswords so that they can be compared with the encrypted passwords stored on the SQL server?
Correct Answer: B Vote an answer
Peter is writing a program that has a GUI front-end and uses a MS SQL database as a backend. Peter's application will repeatedly update and call upon specific tables in the database on a regular basis. Peter wants to make sure that his program always has the ability to update the database and that no other calls or updates can touch the database tables used at the same time. How could Peter accomplish this in his application?
Correct Answer: A Vote an answer
What programming threat model with six categories includes repudiation, spoofing identity, information disclosure and so on?
Correct Answer: D Vote an answer
Harold is developing software for the company he works for to aid in their human resources and payroll procedures. Harold is almost done working on the program, currently working in the testing phase. Since Harold's supervisors and the company executives are going to consider this a mission critical program, they want it to be tested to the fullest. Harold decides to test the program using higher than normal simulated loads and requests. What type of testing is Harold performing against his program?
Correct Answer: B Vote an answer
Kevin is developing a webpage using html and javascript code. The webpage will have a lot of important content and will have a number of functions that Kevin does not want revealed through the source code. Why would Kevin choose to employ HTML Guardian to hide the source code of his webpage?
Correct Answer: D Vote an answer
Lori is creating a login page using Java on one of her websites with the following code.
What vulnerability or issue is the code susceptible to?
conn = pool.getConnection();
String sql = "select * from user where
username='" + "' and password='" + password +
"'";
stmt = conn.createstatement();
rs = stmt.executeQuery(sql);
if (rs.next())
{
loggedIn = true;
out.println("Successfully logged in");
}
else
{
out.println("Username and/or password not valid");
}
Correct Answer: C Vote an answer
0
0
0
10