Free EC0-350 Exam Braindumps (page: 36)


Buffer X in an accounting application module for a company can contain 200 characters. The programmer assumed that 200 characters are more than enough. Because no proper boundary checks were being conducted, Dave decided to insert 400 characters into the 200-character buffer, which overflows the buffer. Below is the code snippet:
void func(void)
{
    int I;
    char buffer[200];
    /* The loop writes 400 bytes into a 200-byte buffer (no bounds check) */
    for (I = 0; I < 400; I++)
        buffer[I] = 'A';
    return;
}
How can you protect/fix the problem of your application as shown above? (Choose two)

  1. Because the counter starts with 0, we would stop when the counter is less than 200.
  2. Because the counter starts with 0, we would stop when the counter is more than 200.
  3. Add a separate statement to signify that if we have written 200 characters to the buffer, the stack should stop because it cannot hold any more data.
  4. Add a separate statement to signify that if we have written less than 200 characters to the buffer, the stack should stop because it cannot hold any more data.

Answer(s): A,C

Explanation:

I=199 would be character number 200. The stack holds exactly 200 characters, so there is no need to stop before 200.



A successful attack by a malicious hacker can be divided into five phases. Match the order:

  1. The answer is Exhibit B.

Answer(s): A

Explanation:

• Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack.
• In the second phase, the hacker starts to scan the remote host to gather information such as the OS in use, open ports, etc.
• After gathering information about the remote host, the hacker starts to gain access to it.
So, Reconnaissance refers to the preparatory phase where an attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack.



Which of the following is NOT a valid NetWare access level?

  1. Not Logged in
  2. Logged in
  3. Console Access
  4. Administrator

Answer(s): D

Explanation:

Administrator is an account, not an access level.



Which of the following is NOT true of cryptography?

  1. Science of protecting information by encoding it into an unreadable format
  2. Method of storing and transmitting data in a form that only those it is intended for can read and process
  3. Most (if not all) algorithms can be broken by both technical and non-technical means
  4. An effective way of protecting sensitive information in storage but not in transit

Answer(s): D

Explanation:

Cryptography will protect data in both storage and in transit.





