312-92 Online Practice Questions and Answers

What is the new lightweight audit framework that is built into Red Hat Linux Enterprise?

A. HelperReview

B. Audit2

C. SOCK review

D. RedHat review

What is defined as the practice of using selected process techniques to improve the quality of a software development effort?

A. Software coding

B. Systems life-cycle engineering

C. Software engineering

D. Business systems analysis

Carl just purchased an expensive smart phone to use for personal and business use. Carl wants to protect his investment so he decides to register the unique GSM number of the phone in case it is ever stolen. Which number should he have registered?

A. SIM card serial number

B. 15-digit IMEI number

C. Phone manufacturer's serial number

D. Device's phone number with country and area code

Devon is writing the following code to avoid what?

A. Type safety

B. GET source code path

C. Parent path tampering

D. Canonicalization

Why would a software development firm want to fix any issues with a program at the design stage as opposed to fixing issues with a program through a patch release?

A. Releasing a patch costs 25 times as much as fixing the issue in the design stage

B. Releasing a patch costs 5 times as much as fixing the issue in the design stage

C. Releasing a patch is actually the most efficient and cost effective way of solving issues

D. Releasing a patch costs 60 times as much as fixing the issue in the design stage

Kevin wants to use an SSL certificate from his Mac OS X server so that he can send and receive encrypted email. What would Kevin accomplish by typing in the following command? certtool c k=/Users/root/Library/Keychains/certkc

A. Remove any unnecessary permissions on the file "certkc"

B. Create keychain called "certkc"

C. Copy the root certificate of the server to the file "certkc"

D. Import encryption key into the file "certkc"

When making a RPC function call on the local machine, what function should be used?

A. ncacn_ip_tcp

B. lclrpc

C. ncalrpc

D. get_local_rpc

Harold is writing a J2ME program that run an inventory application on his company's PDAs.

Employees will use their PDA to scan barcodes into the program Harold is writing. Harold is very concerned about securing his program's code and ensuring its integrity once it is utilized. Harold particularly wants to stop the execution of class

files loaded in the virtual machine in any way, what is not allowed by java virtual machine specification.

What level of J2ME security should Harold implement to accomplish this?

A. High-end security

B. End-to-end security

C. Low-level-security

D. Application level security

Harold is creating an Oracle Label Security Policy on his server. He has define the policy and defined the components of the labels already. Now Harold creates the labels dynamically using the TO_DATA_LABEL function:

INSERT INTO emp (ename, empnum, hr_label)

VALUES ('FGRIFFIN', 10 to_data_label ('HR', 'SENSITIVE'));

Harold gets an error reffering to permission when he tries to run this function. What authority must Harold have to run the TO_DATA_LABEL function?

A. EXECUTE

B. WRITE

C. INSERT

D. CREATE

What is one of the dominant factors that lead to insecure programming?

A. No companies currently teach developers how to create secure programs

B. Secure programming is not seen as a priority by any corporation

C. Security is not usually a skill possesed by programmers or developers

D. Secure programming is seen as too costly and time consuming by corporations