Get ECCouncil CASE JAVA 312-96 Dumps Questions For Best Preparation

Jonnie Karnath2023-08-24T07:12:02+00:00

If you’re planning to take the EC-COUNCIL 312-96 exam, the ECCouncil CASE JAVA 312-96 Dumps Questions from Certspots can be an invaluable asset to your preparation. These dumps are designed to help you practice real exam questions and familiarize yourself with the exam format. By using the ECCouncil CASE JAVA 312-96 Dumps Questions, you can assess your knowledge and identify areas where you need to improve. This way, you can focus your studying efforts on the areas that matter most and optimize your chances of success.

Page 1 of 2

1. Alice, a Server Administrator (Tomcat), wants to ensure that Tomcat can be shut down only by the user who owns the Tomcat process. Select the appropriate setting of the CATALINA_HOME/conf in server.xml that will enable him to do so.

< server port="" shutdown-"' >

< server port="-1" shutdown-*" >

< server port="-1" shutdown="SHUTDOWN" >

< server port="8080" shutdown="SHUTDOWN" >

2. Which of the following configuration settings in server.xml will allow Tomcat server administrator to impose limit on uploading file based on their size?

< connector... maxFileLimit="file size" / >

< connector... maxPostSize="0"/>

< connector... maxFileSize="file size" / >

< connector... maxPostSize="file size" / >

3. In which phase of secure development lifecycle the threat modeling is performed?

Coding phase

Testing phase

Deployment phase

Design phase

4. The threat modeling phase where applications are decomposed and their entry points are reviewed from an attacker's perspective is known as ________

Attack Surface Evaluation

Threat Classification

Threat Identification

Impact Analysis

5. Identify the type of attack depicted in the figure below:

XSS

Cross-Site Request Forgery (CSRF) attack

SQL injection attack

Denial-of-Service attack

6. Jacob, a Security Engineer of the testing team, was inspecting the source code to find security vulnerabilities.

Which type of security assessment activity Jacob is currently performing?

ISCST

CAST

SAST

7. Which of the following method will help you check if DEBUG level is enabled?

isDebugEnabled()

EnableDebug ()

IsEnableDebug ()

DebugEnabled()

8. Which of the following relationship is used to describe security use case scenario?

Threatens Relationship

Extend Relationship

Mitigates Relationship

Include Relationship

9. Oliver is a web server admin and wants to configure the Tomcat server in such a way that it should not serve index pages in the absence of welcome files.

Which of the following settings in CATALINA_HOME/conf/ in web.xml will solve his problem?

< servlet > < servlet-name > default < /servlet-name > < servlet-class > org.apache.catalina.servlets.DefaultServlet < /servlet-class > < init-param > < param-name > debug < /param-name > < param-value > 0 < /param-value > < /init-param > < init-param > < param-name > listings < /param-name > < param-value > false < /param-value > < /init-param > < load-on-startup > 1 < /load-on-startup > < servlet >

< servlet > < servlet-name > default < /servlet-name > < servlet-class > org.apache.catalina.servlets.DefaultServlet < /servlet-class > < init-param > < param-name > debug < /param-name > < param-value > 0 < /param-value > < /init-param > < init-param > < param-name > listings < /param-name > < param-value > disable < /param-value> < /init-param > < load-on-startup > 1 < /load-on-startup> < /servlet >

< servlet > < servlet-name > default < /servlet-name > < servlet-class > org.apache.catalina.servlets.DefaultServlet < /servlet-class > < init-param > < param-name > debug < /param-name>< param-value> 0 < /param value>< /init-param > < init-param > < param-name> listings < /param-name > < param-value > enable < /param-value > < /init-param > < load-on-startup> 1 < /load-on-startup > < /servlet >

< servlet > < servlet-name > default < servlet-name > < servlet-class > org.apache.catalina.servlets.DefaultServlet < /servlet-class > < init-param > < param-name > debug < /param-name> < param-value > 0 < /param-value > < /init-param > < init-param > < param-name > listings < /param-name > < param-value > true < /param-value > < /init-param > < load-on-startup > l < /load-on-startup > < /servlet >

10. Which of the risk assessment model is used to rate the threats-based risk to the application during threat modeling process?

DREAD

SMART

STRIDE

RED

Page 2 of 2

11. Identify what should NOT be catched while handling exceptions.

A EOFException

B. SecurityException

C. IllegalAccessException

D. NullPointerException

12. Oliver, a Server Administrator (Tomcat), has set configuration in web.xml file as shown in the following screenshot.

What is he trying to achieve?

He wants to transfer the entire data over encrypted channel

He wants to transfer only response parameter data over encrypted channel

He wants to transfer only request parameter data over encrypted channel

He wants to transfer only Session cookies over encrypted channel

13. Which of the threat classification model is used to classify threats during threat modeling process?

RED

STRIDE

DREAD

SMART

14. It is recommended that you should not use return, break, continue or throw statements in _________

Finally block

Try-With-Resources block

Try block

Catch block

15. A developer has written the following line of code to handle and maintain session in the application.

What did he do in the below scenario?

Maintained session by creating a Session variable user with value stored in uname variable.

Maintained session by creating a HTTP variable user with value stored in uname variable.

Maintained session by creating a Cookie user with value stored in uname variable.

Maintained session by creating a hidden variable user with value stored in uname variable.

Facebook Twitter LinkedIn Google + Email