Bob has a good understanding of cryptography, having worked with it for many years.
Cryptography is used to secure data from specific threats, but it does not secure the application
from coding errors. It can provide data privacy; integrity and enable strong authentication but it
cannot mitigate programming errors. What is a good example of a programming error that Bob can
use to explain to the management how encryption will not address all their security concerns?
A.
Bob can explain that using a weak key management technique is a form of programming error
B.
Bob can explain that using passwords to derive cryptographic keys is a form of a programming
error
C.
Bob can explain that a buffer overflow is an example of programming error and it is a common
mistake associated with poor programming technique
D.
Bob can explain that a random number generator can be used to derive cryptographic keys but
it uses a weak seed value and this is a form of a programming error
Hi Admin
C.Bob can explain that a buffer overflow is an example of programming error and it is a common
mistake associated with poor programming technique
I agree with the comment above. The correct answer should be C.
The correct answer is C
definately C
Yes C
This bullshit web stills wrong, there’s no admin that fix nothing.
Don’t you think the answer could be A. C++ is known for buffer over flows according to the official course manuals. Not so much C#, where as numerous languages could have key management issues due to bad coding.
I know that this exam is NOT based on how we do things really but more on the theory side. So should we not think of the answer based on theory and not practical?
C. but what is correct question in examen CEH?