quiz 7

Question 1

A ____ is a mini program within a main program that carries out a task.

Answer 1

function

Question 2

A loop usually completes after ____________________ is conducted on a variable and returns a value of true or false.

Answer 2

testing

Question 3

C programs must contain a(n) ____________________ function, but you can also add your own functions to a C program.

Answer 3

main()

main

Question 4

HTML doesn’t use branching, looping, or testing.

Answer 4

True

Question 5

The for loop is one of C’s most interesting pieces of code. In the following for loop, the first part initializes the counter variable to 1, and then the second part tests a condition. It continues looping until the value of counter is equal to or less than 10. The last part of the for loop increments the counter variable by 1.

Answer 5

for (counter = 1;counter

Question 6

In a Perl program, to go from one function to another, you simply call the function by entering the function name in your source code. In the following example, the &name_best_guitarist line branches the program to the sub name_best_guitarist function:

Answer 6

# Perl program illustrating the branching function
# Documentation is important
# Initialize variables
$first_name = "Jimi";
$last_name = "Hendrix";
&name_best_guitarist;
sub name_best_guitarist
{
      printf "%s %s %s", $first_name, $last_name, "was the best!";
}

Question 7

If you want to know what the Perl print command does, you can use ____.

Answer 7

perldoc -f print

Question 8

In C, the statement ____ tells the compiler to keep doing what’s in the brackets over and over and over.

Answer 8

for(;;)

Question 9

In Perl, variables begin with the ____ character.

Answer 9

$

Question 10

In Perl, the keyword “____” is used in front of function names.

Answer 10

sub

Question 11

In Perl, comment lines begin with the ____ character(s).

Answer 11

#

Question 12

In programming, what are variables used for?

Answer 12

A variable represents a numeric or string value.For example, you can solve x + y = z if you know two of the variable values. In programming, you can declare variables at the beginning of a program so that calculations can be carried out without user intervention. A variable might be defined as a character or characters, such as the letters of the alphabet, or it can be assigned a numeric value, as in the expression int x = 1.

Question 13

List and describe the variable types used in C.

Answer 13

int: Use this variable type for an integer (positive or negative number).
float: This variable type is for a real number that includes a decimal point, such as 1.299999.
double: Use this variable type for a double-precision floating point.
char: This variable type holds the value of a single letter.
string: This variable type holds the value of multiple characters or words.
const: A constant variable is one you create to hold a value that doesn’t change for the duration of your program. For example, you can create a constant variable called TAX and give it a specific value: const TAX - .085. If this variable is used in areas of the program that calculate total costs after adding an 8.5% tax, it’s easier to change the constant value to a different number if the tax rate changes, instead of changing every occurrence of 8.5% to 8.6%.

Question 14

Many scripts and programs for security professionals are written in ________________________________________, a powerful scripting language

Answer 14

Practical Extraction and Report Language
PERL
Practical Extraction and Report Language (PERL)
PERL (Practical Extraction and Report Language)

Question 15

Most programming languages do not have a way to conduct testing of a variable.

Answer 15

False

Question 16

Mention three C compilers and on which operating systems they are available.

Answer 16

Intel Compilers for Windows and Linux: Intel’s C++ compiler for developing applications for Windows servers, desktops, and handheld PDAs. The Intel Linux C++ compiler claims to optimize the speed of accessing information from a MySQL database, an open-source database program used by many corporations and e-commerce companies.

Microsoft Visual C++ Compiler: This compiler is widely used by programmers developing C and C++ applications for Windows platforms.

GNU C and C++ compilers (GCC): These free compilers can be downloaded for Windows and *nix platforms. Most *nix systems include the GNU GCC compiler.

Question 17

Security professionals often need to examine Web pages and recognize when something looks suspicious.

Answer 17

True

Question 18

Software engineering firms don’t retain computer programmers who do not document their work because they know that 80% of the cost of software projects is ____.

Answer 18

maintenance

Question 19

Structures called classes can be written in many ____________________ languages (Java, Object COBOL, or Perl).

Answer 19

object-oriented

Question 20

The C programming language was developed by ____ at Bell Laboratories in 1972.

Answer 20

Dennis Ritchie

Question 21

The Win32 class contains many functions you can call from your Perl script. How can attackers use these functions? Should security professionals become proficient at using them in a program?

Answer 21

Attackers and security professionals can use these functions to discover information about a remote computer. Although these functions aren’t difficult to understand, becoming proficient at using them in a program takes time and discipline. For security professionals who need to know what attackers can do, gaining this skill is worth the time and effort.

Question 22

The ____ special character is used with the printf() function in C to indicate a tab.

Answer 22

\t

Question 23

The ____ special character is used with the printf() function in C to indicate a new line.

Answer 23

\n

Question 24

The ____ statement in C is used to load libraries that hold the commands and functions used in your program.

Answer 24

include

Question 25

The mathematical operator in C that increments the unary value by 1 is ____.

Answer 25

++

Question 26

The logical operator in C that is used to compare the equality of two variables is ____.

Answer 26

==

Question 27

To compile the “syntax.c” program in *nix you enter the gcc -c syntax.c -o syntax.o command.

Answer 27

True

Question 28

The print command for Perl is almost identical to the ____ print command.

Answer 28

C

Question 29

UNIX was first written in assembly language, soon rewritten in ____.

Answer 29

C

Question 30

What is a dangerous thing about programming in the C language?

Answer 30

What’s dangerous about C is that a beginner can make some big blunders. For example, a programmer can write to areas of memory that cause damage to the OS kernel or, even worse, write a program that allows a remote user to write to areas of memory. Usually, what’s written is executable code that might give an attacker a backdoor into the system, escalate an attacker’s privileges to that of an administrator, or simply crash the program. This type of attack is usually possible because the programmer didn’t check users’ input. For example, if users can enter 300 characters when prompted to enter their last names, an attacker can probably enter executable code at this point of the program. When you see the term “buffer overflow vulnerability,” think “poor programming practices.” Although C is easy to learn and use, errors in using it can result in system damage.

Question 31

What is the difference between the = and = = operators in C?

Answer 31

Many beginning C programmers make the mistake of using a single equal sign (=) instead of the double equal sign (= =) when attempting to test the value of a variable. A single equal sign (the assignment operator) is used to assign a value to a variable. For example, a = 5 assigns the value of 5 to the variable a. To test the value of variable a, you could use the command “if (a = = 5)”. If you mistakenly wrote the statement as “if (a = 5)”, the value of 5 is assigned to the variable a, and then the statement is evaluated as true. This is because any value not equal to zero is evaluated as true, and a zero value is evaluated as false.

Question 32

Why is documenting computer programs essential?

Answer 32

When writing any computer program, documenting your work is essential. To do this, you add comments to the code that explain what you’re doing. Documentation not only makes your program easier for someone else to modify; it also helps you remember what you were thinking when you wrote the program. The phrase “No comment” might be appropriate for politicians or Wall Street investors with inside trading information, but not for computer programmers.

Question 33

You can use /* and */ instead of ____ symbol(s) for one-line comments in C.

Answer 33

//

Question 34

____ is the act of performing a task over and over.

Answer 34

Looping

Question 35

___ takes you from one area of a program (a function) to another area.

Answer 35

Branching

Question 36

___________________ language uses a combination of hexadecimal numbers and expressions, such as mov, add, and sub, making it easier for humans to write programs than in binary or machine language.

Answer 36

Assembly

Question 37

error that causes unpredictable results

Answer 37

bug

Question 38

English-like language you can use to help create the structure of your program

Answer 38

pseudocode

Question 39

converts a text-based program, called source code, into executable or binary code

Answer 39

compiler

Question 40

GNU C and C++ compilers

Answer 40

gcc

Question 41

epresents a numeric or string value

Answer 41

variable

Question 42

tells the compiler how to convert a value in a function

Answer 42

conversion specifier

Question 43

checks whether a condition is true and then continues looping until the condition becomes false

Answer 43

while loop

Question 44

performs an action first and then tests to see whether the action should continue to occur

Answer 44

do loop

Question 45

structure that holds pieces of data and functions

Answer 45

class