ZF-100-500 ZF-100-500 Questions and Answers

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='o r''=' as a username and successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a __________.

Which of the following SPL Interfaces/classes extends the standard Iterator interface and enables the ability to retrieve a specific item from internal data store?

Consider the PHP program (which includes a file specified by request):

$color = 'blue';

if (isset( $_GET['COLOR'] ) )

$color = $_GET['COLOR'];

require( $color . '.php' );

?>

A malicious user injects the following command:

/vulnerable.php?COLOR=C:\\notes.txt%00

Where vulnerable.php is a remotely hosted file containing an exploit. What does the malicious user want to do?

You work as a Database Administrator for Dolliver Inc. The company uses an Oracle database. The database contains two tables, named Employees and Departments. You want to retrieve all matched and unmatched rows from both the tables. Which of the following types of joins will you use to accomplish this?

Which of the following retrieves the request URI, path, $_GET & $_POST parameters, etc. and tracks whether an action has been dispatched via Zend_Controller_Dispatcher?

Which property is used to operate the memory object data?

Which of the following methods are used by Zend_Controller_Action_Helper_Abstract? Each correct answer represents a complete solution. Choose all that apply.

Which of the following methods is triggered when a dispatched action is done even if apreDispatch() plugin has skipped the action and is mainly useful for cleanup?

Which of the following functions can be used as a countermeasure to a Shell Injection attack? Each correct answer represents a complete solution. Choose all that apply.

Which of the following is the temp late layer, where all the HTML rendering takes place, and where everything to be displayed to a user is assembled?

Which of the following joins retrieves all rows from one table and only the matching rows from the joined table?

You have given the following XML data in the tasks.XML file:

Validate data

Secure data

Now, you run the following PHP script:

$objDOM = new DOMDocument();

$objDOM->load("tasks.xml");

$note = $objDOM->getElementsByTagName("note");

foreach( $note as $value )

{

$tasks = $value->getElementsByTagName("tasks");

$task = $tasks->item(0)->nodeValue;

$details = $value->getElementsByTagName("details");

$detail = $details->item(0)->nodeValue;

echo "$task :: $detail
";

}

?>

What should be displayed when this script is executed?

Which of the following methods sends log data to a PHP stream?

Which of the following methods are run by the Zend_Controller_Front::run($path) method at a time? Each correct answer represents a complete solution. Choose all that apply.

Which of the following statements correctly explain the working of Zend_Sera ch_Lucene?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following methods will you use to create movable objects?